More Information:

Security Advisories That Affect BIOS:

• Intel-SA-00307 – Escalation of Privilege, Denial of Service, Information Disclosure
  • Summary: A potential security vulnerability in CSME subsystem may allow escalation of privilege, denial of service, and information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
  • Severity: HIGH
  • CVEID: CVE-2019-14598
    Description: Improper Authentication in subsystem in Intel® CSME versions before 12.0.49, 12.0.55, 13.0.21, 14.0.11 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
    CVSS Base Score: 8.2 High

Security Advisories that don’t affect BIOS:

• INTEL-SA-00273 - Intel® Renesas Electronics® USB 3.0 Driver Advisory
• INTEL-SA-00336 - Intel® SGX SDK Advisory
• INTEL-SA-00339 - Intel® RAID Web Console 2 (RWC2)
• INTEL-TA-00340 - Intel® Manycore Platform Software Stack (MPSS)
• INTEL-SA-00341 - Intel® RAID Web Console 3 (RWC3)

List of affected motherboard products

• C7B360-CB-M
• C7B360-CB-MW
• C9Z390-CG
• C9Z390-CG-iW
• C9Z390-CGW
• C9Z390-PGW
• X11SCA
• X11SCA-F
• X11SCA-W
• X11SCQ
• X11SCQ-L
• X11SCV-L
• X11SCV-Q
• X11SCZ-F
• X11SCZ-Q
• X11SWN-E
• X11SWN-H
• X11SWN-L

Additional Resources

• Intel Security Advisory Intel-SA-00307
  • CVE-2019-14598