All the vulnerabilites related to intel - nuc_kit_h26998-500_firmware
cve-2020-12336
Vulnerability from cvelistv5
Published
2020-11-12 18:15
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) NUCs |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-12T18:15:50",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-12336",
"datePublished": "2020-11-12T18:15:50",
"dateReserved": "2020-04-28T00:00:00",
"dateUpdated": "2024-08-04T11:56:52.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24525
Vulnerability from cvelistv5
Published
2020-11-12 18:16
Modified
2024-08-04 15:12
Severity ?
EPSS score ?
Summary
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2020/Nov/26 | mailing-list, x_refsource_FULLDISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) NUCs |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-16T11:06:07",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24525",
"datePublished": "2020-11-12T18:16:05",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-08-04T15:12:09.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12337
Vulnerability from cvelistv5
Published
2020-11-12 18:15
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Intel(R) NUCs |
Version: See references |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:51.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-12T18:15:58",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-12337",
"datePublished": "2020-11-12T18:15:58",
"dateReserved": "2020-04-28T00:00:00",
"dateUpdated": "2024-08-04T11:56:51.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-11-12 19:15
Modified
2024-11-21 04:59
Severity ?
Summary
Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "99E99F9F-8989-4231-A903-320894606A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18330FCA-FFDE-4B0E-8703-1DAE0633C053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4C6DAF-C399-4899-919D-36AB585E5675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FB4D7-3AED-4BBD-9655-6C300FC08218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "91387974-52EC-4797-9E01-9BA59C4759D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E95098F-4682-4645-A61F-15BDAA5A54BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "C38AD6D5-0868-429B-87D2-302C942C29AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13AA1F39-F562-4CB9-A9EF-BE4213E809B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_board_nuc8i3pnb_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A58245-FD3D-4A1B-B749-793247160E51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "423CC75A-A2F2-4697-B61C-0D577CFD2E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnh_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EF1055-A110-45E5-91E5-28FAF56667BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8ABDE-3692-4CF2-89C4-CC69B9756A82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "07A90F26-F3C6-4329-AD44-00D4CADDF415",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6086D66C-80C1-4A92-A1EB-E3F11ED55A8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_mini_pc_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5BE2B8-411B-4BE1-9043-6618B095A2A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_mini_pc_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62A579AA-8562-4BB6-9F61-291C451CC4BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFFAE5D-1E41-4245-842D-1DFD225D86EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F604D7-3A72-412C-8FA6-9C9076AE8F2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9v7qnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6940E1B7-7618-4408-B517-0BA1A6B99362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9v7qnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2613E78B-477C-4CC1-80B8-B3D23C40C7B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9vxqnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "8A3B90ED-E487-481B-A6A3-F27B83C4628F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9vxqnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870E5CEB-279E-47A7-92D3-47C53FF66D86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-400_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "B032A942-9C6E-4B72-99A2-E2A0F9C8C822",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29E0ED9D-48FF-47FF-A08D-8A3B15692C25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "710AF53A-0FFD-45DD-B16F-FC9BD01C16FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB3E430-3415-4A18-AC75-BD2393E1F732",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "5A52D144-7917-4932-A3BC-DE40DE0C3C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E868347-E407-4D99-96C1-BF6024BFC029",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "99FA6D9D-4CD0-4CD8-8D46-A6E8BB7C538A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B09A395-F263-487A-9373-E47C0309E1DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "2B62A359-6B45-4A78-ACFC-61F5B6DAADF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0062C296-DB3C-47F4-BF3B-73384E4123F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6C965-2B39-4541-91CB-5B43C63CB1DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDDEDB3-82C2-4A71-B72C-14028894A71A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD2C910-6C6B-4E46-83BD-732363D15F9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "969E7B4F-310B-4533-9169-DA3667FFF793",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AC1AF4-AD27-42E1-9505-9480499066C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CF699D-F8FB-4EE0-BA15-C3CE679AA4D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-403_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "9E70C4B5-9367-4725-9384-8CF2537EFFC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F44746-AD44-486A-8EA6-13803A8BA6A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "69866711-8389-4BCA-9A08-B9101C3CD55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98732935-F726-4A0F-BE5D-0F099395ED45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-405_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "DD30C573-D10F-472D-B7D7-EA367C5DE198",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E269DBB0-F2FE-49A4-857A-BAB027FB17F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "90AEFD53-E35C-4C4C-AF84-3F42E84A7E50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290C4862-FA44-4BB6-9B0F-84C900102020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Una inicializaci\u00f3n de variable predeterminada no segura en el firmware para algunos Intel\u00ae NUCs puede habilitar a un usuario autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso local"
}
],
"id": "CVE-2020-12336",
"lastModified": "2024-11-21T04:59:32.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-12T19:15:14.003",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-12 19:15
Modified
2024-11-21 05:14
Severity ?
Summary
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://seclists.org/fulldisclosure/2020/Nov/26 | Mailing List, Third Party Advisory | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Nov/26 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "99E99F9F-8989-4231-A903-320894606A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18330FCA-FFDE-4B0E-8703-1DAE0633C053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4C6DAF-C399-4899-919D-36AB585E5675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FB4D7-3AED-4BBD-9655-6C300FC08218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "91387974-52EC-4797-9E01-9BA59C4759D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E95098F-4682-4645-A61F-15BDAA5A54BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "C38AD6D5-0868-429B-87D2-302C942C29AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13AA1F39-F562-4CB9-A9EF-BE4213E809B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_board_nuc8i3pnb_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A58245-FD3D-4A1B-B749-793247160E51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "423CC75A-A2F2-4697-B61C-0D577CFD2E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnh_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EF1055-A110-45E5-91E5-28FAF56667BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8ABDE-3692-4CF2-89C4-CC69B9756A82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "07A90F26-F3C6-4329-AD44-00D4CADDF415",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6086D66C-80C1-4A92-A1EB-E3F11ED55A8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_mini_pc_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5BE2B8-411B-4BE1-9043-6618B095A2A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_mini_pc_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62A579AA-8562-4BB6-9F61-291C451CC4BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFFAE5D-1E41-4245-842D-1DFD225D86EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F604D7-3A72-412C-8FA6-9C9076AE8F2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9v7qnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6940E1B7-7618-4408-B517-0BA1A6B99362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9v7qnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2613E78B-477C-4CC1-80B8-B3D23C40C7B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9vxqnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "8A3B90ED-E487-481B-A6A3-F27B83C4628F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9vxqnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870E5CEB-279E-47A7-92D3-47C53FF66D86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-400_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "B032A942-9C6E-4B72-99A2-E2A0F9C8C822",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29E0ED9D-48FF-47FF-A08D-8A3B15692C25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "710AF53A-0FFD-45DD-B16F-FC9BD01C16FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB3E430-3415-4A18-AC75-BD2393E1F732",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "5A52D144-7917-4932-A3BC-DE40DE0C3C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E868347-E407-4D99-96C1-BF6024BFC029",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "99FA6D9D-4CD0-4CD8-8D46-A6E8BB7C538A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B09A395-F263-487A-9373-E47C0309E1DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "2B62A359-6B45-4A78-ACFC-61F5B6DAADF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0062C296-DB3C-47F4-BF3B-73384E4123F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6C965-2B39-4541-91CB-5B43C63CB1DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDDEDB3-82C2-4A71-B72C-14028894A71A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD2C910-6C6B-4E46-83BD-732363D15F9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "969E7B4F-310B-4533-9169-DA3667FFF793",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AC1AF4-AD27-42E1-9505-9480499066C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CF699D-F8FB-4EE0-BA15-C3CE679AA4D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-403_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "9E70C4B5-9367-4725-9384-8CF2537EFFC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F44746-AD44-486A-8EA6-13803A8BA6A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "69866711-8389-4BCA-9A08-B9101C3CD55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98732935-F726-4A0F-BE5D-0F099395ED45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-405_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "DD30C573-D10F-472D-B7D7-EA367C5DE198",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E269DBB0-F2FE-49A4-857A-BAB027FB17F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "90AEFD53-E35C-4C4C-AF84-3F42E84A7E50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290C4862-FA44-4BB6-9B0F-84C900102020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Unos permisos heredados no seguros en la herramienta de actualizaci\u00f3n de firmware para algunos Intel\u00ae NUCs pueden habilitar a un usuario autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso local"
}
],
"id": "CVE-2020-24525",
"lastModified": "2024-11-21T05:14:57.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-12T19:15:14.833",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/26"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-12 19:15
Modified
2024-11-21 04:59
Severity ?
Summary
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "99E99F9F-8989-4231-A903-320894606A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18330FCA-FFDE-4B0E-8703-1DAE0633C053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4C6DAF-C399-4899-919D-36AB585E5675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FB4D7-3AED-4BBD-9655-6C300FC08218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "91387974-52EC-4797-9E01-9BA59C4759D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E95098F-4682-4645-A61F-15BDAA5A54BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*",
"matchCriteriaId": "C38AD6D5-0868-429B-87D2-302C942C29AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13AA1F39-F562-4CB9-A9EF-BE4213E809B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_board_nuc8i3pnb_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A58245-FD3D-4A1B-B749-793247160E51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "423CC75A-A2F2-4697-B61C-0D577CFD2E26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnh_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EF1055-A110-45E5-91E5-28FAF56667BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8ABDE-3692-4CF2-89C4-CC69B9756A82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "07A90F26-F3C6-4329-AD44-00D4CADDF415",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6086D66C-80C1-4A92-A1EB-E3F11ED55A8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_pro_mini_pc_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5BE2B8-411B-4BE1-9043-6618B095A2A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_pro_mini_pc_nuc8i3pnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62A579AA-8562-4BB6-9F61-291C451CC4BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFFAE5D-1E41-4245-842D-1DFD225D86EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F604D7-3A72-412C-8FA6-9C9076AE8F2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9v7qnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "6940E1B7-7618-4408-B517-0BA1A6B99362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9v7qnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2613E78B-477C-4CC1-80B8-B3D23C40C7B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_9_pro_kit_nuc9vxqnx_firmware:qncflx70.34:*:*:*:*:*:*:*",
"matchCriteriaId": "8A3B90ED-E487-481B-A6A3-F27B83C4628F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_9_pro_kit_nuc9vxqnx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "870E5CEB-279E-47A7-92D3-47C53FF66D86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-400_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "B032A942-9C6E-4B72-99A2-E2A0F9C8C822",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29E0ED9D-48FF-47FF-A08D-8A3B15692C25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "710AF53A-0FFD-45DD-B16F-FC9BD01C16FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB3E430-3415-4A18-AC75-BD2393E1F732",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "5A52D144-7917-4932-A3BC-DE40DE0C3C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E868347-E407-4D99-96C1-BF6024BFC029",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "99FA6D9D-4CD0-4CD8-8D46-A6E8BB7C538A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B09A395-F263-487A-9373-E47C0309E1DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_h27002-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "2B62A359-6B45-4A78-ACFC-61F5B6DAADF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_h27002-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0062C296-DB3C-47F4-BF3B-73384E4123F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:chaplcel.0049:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6C965-2B39-4541-91CB-5B43C63CB1DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDDEDB3-82C2-4A71-B72C-14028894A71A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD2C910-6C6B-4E46-83BD-732363D15F9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "969E7B4F-310B-4533-9169-DA3667FFF793",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AC1AF4-AD27-42E1-9505-9480499066C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-402:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CF699D-F8FB-4EE0-BA15-C3CE679AA4D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-403_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "9E70C4B5-9367-4725-9384-8CF2537EFFC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-403:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F44746-AD44-486A-8EA6-13803A8BA6A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "69866711-8389-4BCA-9A08-B9101C3CD55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98732935-F726-4A0F-BE5D-0F099395ED45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-405_firmware:tybyt10h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "DD30C573-D10F-472D-B7D7-EA367C5DE198",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E269DBB0-F2FE-49A4-857A-BAB027FB17F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc_kit_h26998-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "90AEFD53-E35C-4C4C-AF84-3F42E84A7E50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc_kit_h26998-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290C4862-FA44-4BB6-9B0F-84C900102020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Unas restricciones de b\u00fafer inapropiadas en el firmware para algunos Intel\u00ae NUCs pueden habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios por medio de un acceso local"
}
],
"id": "CVE-2020-12337",
"lastModified": "2024-11-21T04:59:32.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-12T19:15:14.067",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}