PT-2019-4280 · Intel · Intel Xeon Processors E7 V4 Family+4

Published: 2019-11-12 · Updated: 2019-11-22 · CVE-2019-11137

CVSS v3.1: 8.2 (High)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Intel(R) Xeon(R) Scalable Processors (affected versions not specified)
Intel(R) Xeon(R) Processors D Family (affected versions not specified)
Intel(R) Xeon(R) Processors E5 v4 Family (affected versions not specified)
Intel(R) Xeon(R) Processors E7 v4 Family (affected versions not specified)
Intel(R) Atom(R) processor C Series (affected versions not specified)

Description

The issue is related to insufficient input validation in system firmware, which may allow a privileged user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

Recommendations

For Intel(R) Xeon(R) Scalable Processors, consider restricting local access until a fix is available.
For Intel(R) Xeon(R) Processors D Family, restrict local access to minimize the risk of exploitation.
For Intel(R) Xeon(R) Processors E5 v4 Family, limit privileges for local users as a temporary mitigation measure.
For Intel(R) Xeon(R) Processors E7 v4 Family, avoid using the system with elevated privileges until the issue is resolved.
For Intel(R) Atom(R) processor C Series, restrict access to sensitive information to prevent potential disclosure.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

BDU:2019-04887
CVE-2019-11137

Affected Products

Intel Atom Processor A Series
Intel Xeon Processor D Family
Intel Xeon Processors E5 V4 Family
Intel Xeon Processors E7 V4 Family
Intel Xeon Scalable Processors