CVE-2019-11157

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.

Published: 2019-12-16 Last update: 2024-11-21 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2019-11157 is rated Moderate Risk (40.8/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.19%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2019-11157

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-04-21 0.32% 0.19% -0.14%
2 2026-02-03 0.35% 0.32% -0.03%
3 2026-01-25 0.35%

Full EPSS history (18 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2019-11157

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.7 3.1 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:H)
They need powerful rights—admin, root, or similar—before this pays off.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 0.8 5.9 [email protected]
4.6 2.0 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 3.9 6.4 [email protected]

Weakness enumeration for CVE-2019-11157

OS Trackers for CVE-2019-11157

vendor priority summary link
ubuntu medium CVE-2019-11157 medium priority: Ubuntu including 1 source packages (intel-microcode), 6 status rows across 6 suites (bionic, disco, eoan, trusty, upstream, xenial): released 6. https://ubuntu.com/security/CVE-2019-11157

Affected software / configurations for CVE-2019-11157

Vendor Product Version Raw CPE
intel xeon_e3-1585_firmware cpe:2.3:o:intel:xeon_e3-1585_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1585l_firmware cpe:2.3:o:intel:xeon_e3-1585l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1578l_firmware cpe:2.3:o:intel:xeon_e3-1578l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1575m_firmware cpe:2.3:o:intel:xeon_e3-1575m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1565l_firmware cpe:2.3:o:intel:xeon_e3-1565l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1558l_firmware cpe:2.3:o:intel:xeon_e3-1558l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1545m_firmware cpe:2.3:o:intel:xeon_e3-1545m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1535m_firmware cpe:2.3:o:intel:xeon_e3-1535m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1515m_firmware cpe:2.3:o:intel:xeon_e3-1515m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1505m_firmware cpe:2.3:o:intel:xeon_e3-1505m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1505l_firmware cpe:2.3:o:intel:xeon_e3-1505l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1280_firmware cpe:2.3:o:intel:xeon_e3-1280_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1275_firmware cpe:2.3:o:intel:xeon_e3-1275_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1270_firmware cpe:2.3:o:intel:xeon_e3-1270_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1268l_firmware cpe:2.3:o:intel:xeon_e3-1268l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1260l_firmware cpe:2.3:o:intel:xeon_e3-1260l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1245_firmware cpe:2.3:o:intel:xeon_e3-1245_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1240l_firmware cpe:2.3:o:intel:xeon_e3-1240l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1240_firmware cpe:2.3:o:intel:xeon_e3-1240_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1235l_firmware cpe:2.3:o:intel:xeon_e3-1235l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1230_firmware cpe:2.3:o:intel:xeon_e3-1230_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1225_firmware cpe:2.3:o:intel:xeon_e3-1225_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1220_firmware cpe:2.3:o:intel:xeon_e3-1220_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1501l_firmware cpe:2.3:o:intel:xeon_e3-1501l_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1501m_firmware cpe:2.3:o:intel:xeon_e3-1501m_firmware:-:*:*:*:*:*:*:*
intel xeon_e3-1285_firmware cpe:2.3:o:intel:xeon_e3-1285_firmware:-:*:*:*:*:*:*:*
intel core_i3-6300_firmware cpe:2.3:o:intel:core_i3-6300_firmware:-:*:*:*:*:*:*:*
intel core_i3-6300t_firmware cpe:2.3:o:intel:core_i3-6300t_firmware:-:*:*:*:*:*:*:*
intel core_i3-6320_firmware cpe:2.3:o:intel:core_i3-6320_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100e_firmware cpe:2.3:o:intel:core_i3-6100e_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100h_firmware cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100u_firmware cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6102e_firmware cpe:2.3:o:intel:core_i3-6102e_firmware:-:*:*:*:*:*:*:*
intel core_i3-6157u_firmware cpe:2.3:o:intel:core_i3-6157u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6167u_firmware cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100_firmware cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100t_firmware cpe:2.3:o:intel:core_i3-6100t_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100te_firmware cpe:2.3:o:intel:core_i3-6100te_firmware:-:*:*:*:*:*:*:*
intel core_i3-6006u_firmware cpe:2.3:o:intel:core_i3-6006u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6098p_firmware cpe:2.3:o:intel:core_i3-6098p_firmware:-:*:*:*:*:*:*:*
intel core_i5-6600_firmware cpe:2.3:o:intel:core_i5-6600_firmware:-:*:*:*:*:*:*:*
intel core_i5-6685r_firmware cpe:2.3:o:intel:core_i5-6685r_firmware:-:*:*:*:*:*:*:*
intel core_i5-6600k_firmware cpe:2.3:o:intel:core_i5-6600k_firmware:-:*:*:*:*:*:*:*
intel core_i5-6600t_firmware cpe:2.3:o:intel:core_i5-6600t_firmware:-:*:*:*:*:*:*:*
intel core_i5-6585r_firmware cpe:2.3:o:intel:core_i5-6585r_firmware:-:*:*:*:*:*:*:*
intel core_i5-6500_firmware cpe:2.3:o:intel:core_i5-6500_firmware:-:*:*:*:*:*:*:*
intel core_i5-6500t_firmware cpe:2.3:o:intel:core_i5-6500t_firmware:-:*:*:*:*:*:*:*
intel core_i5-6500te_firmware cpe:2.3:o:intel:core_i5-6500te_firmware:-:*:*:*:*:*:*:*
intel core_i5-6402p_firmware cpe:2.3:o:intel:core_i5-6402p_firmware:-:*:*:*:*:*:*:*
intel core_i5-6400_firmware cpe:2.3:o:intel:core_i5-6400_firmware:-:*:*:*:*:*:*:*
intel core_i5-6400t_firmware cpe:2.3:o:intel:core_i5-6400t_firmware:-:*:*:*:*:*:*:*
intel core_i5-6440eq_firmware cpe:2.3:o:intel:core_i5-6440eq_firmware:-:*:*:*:*:*:*:*
intel core_i5-6440hq_firmware cpe:2.3:o:intel:core_i5-6440hq_firmware:-:*:*:*:*:*:*:*
intel core_i5-6442eq_firmware cpe:2.3:o:intel:core_i5-6442eq_firmware:-:*:*:*:*:*:*:*
intel core_i5-6360u_firmware cpe:2.3:o:intel:core_i5-6360u_firmware:-:*:*:*:*:*:*:*
intel core_i5-6350hq_firmware cpe:2.3:o:intel:core_i5-6350hq_firmware:-:*:*:*:*:*:*:*
intel core_i5-6300hq_firmware cpe:2.3:o:intel:core_i5-6300hq_firmware:-:*:*:*:*:*:*:*
intel core_i5-6300u_firmware cpe:2.3:o:intel:core_i5-6300u_firmware:-:*:*:*:*:*:*:*
intel core_i5-6200u_firmware cpe:2.3:o:intel:core_i5-6200u_firmware:-:*:*:*:*:*:*:*
intel core_i5-6260u_firmware cpe:2.3:o:intel:core_i5-6260u_firmware:-:*:*:*:*:*:*:*
intel core_i5-6267u_firmware cpe:2.3:o:intel:core_i5-6267u_firmware:-:*:*:*:*:*:*:*
intel core_i5-6287u_firmware cpe:2.3:o:intel:core_i5-6287u_firmware:-:*:*:*:*:*:*:*
intel core_i7-6970hq_firmware cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6920hq_firmware cpe:2.3:o:intel:core_i7-6920hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6870hq_firmware cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6822eq_firmware cpe:2.3:o:intel:core_i7-6822eq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6820hq_firmware cpe:2.3:o:intel:core_i7-6820hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6820hk_firmware cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:*
intel core_i7-6820eq_firmware cpe:2.3:o:intel:core_i7-6820eq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6785r_firmware cpe:2.3:o:intel:core_i7-6785r_firmware:-:*:*:*:*:*:*:*
intel core_i7-6700k_firmware cpe:2.3:o:intel:core_i7-6700k_firmware:-:*:*:*:*:*:*:*
intel core_i7-6700t_firmware cpe:2.3:o:intel:core_i7-6700t_firmware:-:*:*:*:*:*:*:*
intel core_i7-6700te_firmware cpe:2.3:o:intel:core_i7-6700te_firmware:-:*:*:*:*:*:*:*
intel core_i7-6700_firmware cpe:2.3:o:intel:core_i7-6700_firmware:-:*:*:*:*:*:*:*
intel core_i7-6770hq_firmware cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6700hq_firmware cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:*
intel core_i7-6660u_firmware cpe:2.3:o:intel:core_i7-6660u_firmware:-:*:*:*:*:*:*:*
intel core_i7-6650u_firmware cpe:2.3:o:intel:core_i7-6650u_firmware:-:*:*:*:*:*:*:*
intel core_i7-6600u_firmware cpe:2.3:o:intel:core_i7-6600u_firmware:-:*:*:*:*:*:*:*
intel core_i7-6567u_firmware cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:*

References for CVE-2019-11157

cvelogic Threat Intelligence