All the vulnerabilites related to intel - nuc6i7kyk_bios
Vulnerability from fkie_nvd
Published
2017-07-26 15:29
Modified
2024-11-21 03:28
Severity ?
Summary
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | nuc7i3bnk_bios | - | |
| intel | nuc7i3bnk | - | |
| intel | nuc7i5bnk_bios | - | |
| intel | nuc7i5bnk | - | |
| intel | nuc7i7bnh_bios | - | |
| intel | nuc7i7bnh | - | |
| intel | stk2mv64cc_bios | - | |
| intel | stk2mv64cc | - | |
| intel | stk2m3w64cc_bios | - | |
| intel | stk2m3w64cc | - | |
| intel | nuc6i7kyk_bios | - | |
| intel | nuc6i7kyk | - | |
| intel | nuc6i3syk_bios | - | |
| intel | nuc6i3syk | - | |
| intel | nuc6i5syk_bios | - | |
| intel | nuc6i5syk | - | |
| intel | r1304sposhor_bios | - | |
| intel | r1304sposhor | - | |
| intel | r1304sposhorr_bios | - | |
| intel | r1304sposhorr | - | |
| intel | r1208sposhorr_bios | - | |
| intel | r1208sposhorr | - | |
| intel | lr1304spcfg1r_bios | - | |
| intel | lr1304spcfg1r | - | |
| intel | r1208sposhor_bios | - | |
| intel | r1208sposhor | - | |
| intel | s1200spsr_bios | - | |
| intel | s1200spsr | - | |
| intel | s1200spor_bios | - | |
| intel | s1200spor | - | |
| intel | lr1304spcfg1_bios | - | |
| intel | lr1304spcfg1 | - | |
| intel | s1200spl_bios | - | |
| intel | s1200spl | - | |
| intel | s1200spo_bios | - | |
| intel | s1200spo | - | |
| intel | s1200sps_bios | - | |
| intel | s1200sps | - | |
| intel | r1304sposhbn_bios | - | |
| intel | r1304sposhbn | - | |
| intel | s1200splr_bios | - | |
| intel | s1200splr | - | |
| intel | r1304sposhbnr_bios | - | |
| intel | r1304sposhbnr | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "682EDAC2-F993-4401-B649-B5C49E3E1761",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "384BE426-912A-4BFD-8AE7-BEB0F941DF7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF91B19-0FA1-4CE8-B729-A09612466725",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D0E50D-B369-4C82-91DB-AD44A71736EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:stk2mv64cc_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3E5D206-247A-41BA-BAE6-83F482D1090A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497CA1C-A3CA-4CC4-8192-69DF58630575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:stk2m3w64cc_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE204F78-8A38-4FC5-BCBF-6EB40015ABAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "123782EB-5B44-492A-86B1-D10C03C89D64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc6i7kyk_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4414D9EF-D36D-4190-8581-3E0370764CA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC196D3E-062A-4301-BAA8-51FAF153F2EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc6i3syk_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5C2391-2CD8-49F6-BDAE-B79670CEC3B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i3syk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "035B570B-8441-4F84-A441-FFBD1378EE6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc6i5syk_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF24505-0212-4152-80FD-F80792E51E9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i5syk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9AEC7B5-E79D-4CB0-8BA9-4ED6001603D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1304sposhor_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECEC599-486C-45B6-9D5C-73CCDF1BD5BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1304sposhor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3684B23-A791-43B9-8426-EE79463E9471",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1304sposhorr_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44FBDCDD-2015-45EE-BDFD-0876F20A58E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1304sposhorr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB43BBF2-C737-4246-8943-E21178192050",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1208sposhorr_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "921BA513-3719-4213-BB0B-96062C64459D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1208sposhorr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2392C7B-4401-4ECF-9AF2-AED3B375DA1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:lr1304spcfg1r_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05649F5-F879-434D-9BAC-AA95AA011DE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:lr1304spcfg1r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "846E6438-E23A-4444-94C1-8E9326B53FC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1208sposhor_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20CD2904-77C2-4F70-A187-469895E53B37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1208sposhor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB4BADBE-93D4-44C6-8307-72A5351587F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200spsr_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93285F46-461A-4BA2-B195-A7869E194CDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200spsr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B19990B5-8D2D-4A9F-B323-2E82B46ACAF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200spor_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0563A19E-8ABD-4652-B5CB-D64DBD96BD9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200spor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0421C-DD38-4FAD-8EA8-A264025A3C6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:lr1304spcfg1_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59866E74-BB74-450C-8375-61C86FA6E261",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:lr1304spcfg1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3353F12-6B1E-479A-88A0-51315E377891",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200spl_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EACE8E81-E786-4262-AAF5-738756B5E549",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200spl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFED93FA-650A-4908-9D22-DFA1013A9AF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200spo_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D7AF551-F825-4E09-AC7E-B94CB21B56D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200spo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06306DD8-2347-4A9A-8A4A-2D283F784207",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200sps_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59A87E1D-1BAF-4A11-894C-0FF1592B6561",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200sps:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB414F9E-02B4-4CD4-9534-35BD478A9598",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1304sposhbn_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB2AA41-AB3A-41B4-AF30-B3970A5971D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1304sposhbn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1698F3C-7D8C-4C5F-AB32-4176E363EC77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:s1200splr_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8245B6D7-B1E8-4B63-AA5D-E9C2BB132F75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:s1200splr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1CAD2B-7D17-4D75-9746-C6AF049F6C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:r1304sposhbnr_bios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52415BC5-A21B-45E2-BE4D-9BF4FF9CB0A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:r1304sposhbnr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB06D22E-814F-4B2E-BDB6-E8ADB0EDC7EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state."
},
{
"lang": "es",
"value": "La comprobaci\u00f3n incorrecta en los procesadores Intel de las familias de procesadores Intel Core de 6a y 7a generaci\u00f3n, de las familias de productos Intel Xeon E3-1500M versiones v5 y v6, y de las familias de productos Intel Xeon E3-1200 versiones v5 y v6, permite que el firmware del sistema comprometido impacte la seguridad SGX por medio de un estado inicial incorrecto del sistema."
}
],
"id": "CVE-2017-5691",
"lastModified": "2024-11-21T03:28:13.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-26T15:29:00.283",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr"
},
{
"source": "secure@intel.com",
"url": "https://support.lenovo.com/us/en/product_security/LEN-15184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/LEN-15184"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-03 21:59
Modified
2024-11-21 03:28
Severity ?
Summary
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/97408 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97408 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | nuc6i7kyk_bios | kyskli70.86a.0042.2016.0929.1933 | |
| intel | nuc6i7kyk | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc6i7kyk_bios:kyskli70.86a.0042.2016.0929.1933:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2D6871-F873-4614-9A1E-533EA68CCBA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC196D3E-062A-4301-BAA8-51FAF153F2EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information."
},
{
"lang": "es",
"value": "Los sistemas BIOS en Intel NUC basados en los procesos 6th Gen Intel Core antes de la versi\u00f3n KY0045 puede permitir que un atacante con acceso f\u00edsico al sistema pueda tener acceso a informaci\u00f3n personal."
}
],
"id": "CVE-2017-5685",
"lastModified": "2024-11-21T03:28:13.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-03T21:59:00.220",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97408"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-5685
Vulnerability from cvelistv5
Published
2017-04-03 21:00
Modified
2024-08-05 15:11
Severity ?
EPSS score ?
Summary
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97408 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | Intel NUC NUC6i7KYK |
Version: Before KY0045 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:47.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr"
},
{
"name": "97408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel NUC NUC6i7KYK",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "Before KY0045"
}
]
}
],
"datePublic": "2017-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-06T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr"
},
{
"name": "97408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2017-5685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel NUC NUC6i7KYK",
"version": {
"version_data": [
{
"version_value": "Before KY0045"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073\u0026languageid=en-fr"
},
{
"name": "97408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5685",
"datePublished": "2017-04-03T21:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:47.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-5691
Vulnerability from cvelistv5
Published
2017-07-26 15:00
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/LEN-15184 | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel Corporation | 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families. |
Version: 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-15184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families."
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-15T19:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-15184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2017-07-25T00:00:00",
"ID": "CVE-2017-5691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.",
"version": {
"version_data": [
{
"version_value": "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076\u0026languageid=en-fr"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-15184",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-15184"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesb3p03767en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5691",
"datePublished": "2017-07-26T15:00:00Z",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-09-16T17:58:24.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}