Vulnerabilities > CVE-2019-14584 - NULL Pointer Dereference vulnerability in Tianocore Edk2 20171107

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
tianocore
CWE-476

Summary

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerable Configurations

Part Description Count
Application
Tianocore
2

Common Weakness Enumeration (CWE)