Vulnerabilites related to intel - nuc_kit_d53427rke
Vulnerability from fkie_nvd
Published
2019-01-10 20:29
Modified
2024-11-21 03:26
Severity ?
Summary
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8B7517-4313-4DA8-953E-B36279157FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
},
{
"lang": "es",
"value": "La configuraci\u00f3n incorrecta de las opciones del dispositivo en el firmware del sistema para los kits Intel(R) NUC podr\u00eda permitir que un usuario privilegiado pueda habilitar el escalado de privilegios mediante acceso f\u00edsico."
}
],
"id": "CVE-2017-3718",
"lastModified": "2024-11-21T03:26:01.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-10T20:29:00.237",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-17 16:29
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
},
{
"lang": "es",
"value": "La validaci\u00f3n de entrada insuficiente en el firmware del sistema para Intel (R) NUC Kit puede permitir que un usuario autenticado habilite potencialmente el aumento de privilegios, la denegaci\u00f3n de servicio y/o la divulgaci\u00f3n de informaci\u00f3n mediante un acceso local."
}
],
"id": "CVE-2019-11094",
"lastModified": "2024-11-21T04:20:31.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-17T16:29:03.187",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Not Applicable"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 03:44
Severity ?
Summary
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8B7517-4313-4DA8-953E-B36279157FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
},
{
"lang": "es",
"value": "Validaci\u00f3n de entradas incorrecta en el firmware para Intel NUC Kits podr\u00eda permitir que un usuario privilegiado ejecute c\u00f3digo arbitrario, lo que resulta en una divulgaci\u00f3n de informaci\u00f3n, escalado de privilegios y/o una denegaci\u00f3n de servicio (DoS) mediante acceso local."
}
],
"id": "CVE-2018-12176",
"lastModified": "2024-11-21T03:44:42.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-12T19:29:02.247",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-11094
Vulnerability from cvelistv5
Published
2019-05-17 15:41
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel (R) NUC |
Version: Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:16.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel (R) NUC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T15:41:37",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2019-11094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel (R) NUC",
"version": {
"version_data": [
{
"version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2019-11094",
"datePublished": "2019-05-17T15:41:37",
"dateReserved": "2019-04-11T00:00:00",
"dateUpdated": "2024-08-04T22:40:16.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12176
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 19:47
Severity ?
EPSS score ?
Summary
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel Corporation | Intel(R) NUC Kits and Intel(R) Compute Cards |
Version: Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory). |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:58.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUC Kits and Intel(R) Compute Cards",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."
}
]
}
],
"datePublic": "2018-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege, Denial of Service, Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T18:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-09-11T00:00:00",
"ID": "CVE-2018-12176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC Kits and Intel(R) Compute Cards",
"version": {
"version_data": [
{
"version_value": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-12176",
"datePublished": "2018-09-12T19:00:00Z",
"dateReserved": "2018-06-11T00:00:00",
"dateUpdated": "2024-09-16T19:47:25.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3718
Vulnerability from cvelistv5
Published
2019-01-10 20:00
Modified
2024-10-02 16:25
Severity ?
EPSS score ?
Summary
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel Corporation | Intel(R) NUC |
Version: Multiple versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T15:56:39.067860Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:25:44.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUC",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple versions."
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-10T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"DATE_PUBLIC": "2019-01-08T00:00:00",
"ID": "CVE-2017-3718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC",
"version": {
"version_data": [
{
"version_value": "Multiple versions."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00144.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3718",
"datePublished": "2019-01-10T20:00:00Z",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-02T16:25:44.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}