Vulnerabilites related to intel - stk2mv64cc_bios
CVE-2017-5691 (GCVE-0-2017-5691)
Vulnerability from cvelistv5
Published
2017-07-26 15:00
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/LEN-15184 | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families. |
Version: 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:11:48.513Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/LEN-15184", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.", vendor: "Intel Corporation", versions: [ { status: "affected", version: "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.", }, ], }, ], datePublic: "2017-07-25T00:00:00", descriptions: [ { lang: "en", value: "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-15T19:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/LEN-15184", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2017-07-25T00:00:00", ID: "CVE-2017-5691", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.", version: { version_data: [ { version_value: "6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", refsource: "CONFIRM", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", }, { name: "https://support.lenovo.com/us/en/product_security/LEN-15184", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/LEN-15184", }, { name: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2017-5691", datePublished: "2017-07-26T15:00:00Z", dateReserved: "2017-02-01T00:00:00", dateUpdated: "2024-09-16T17:58:24.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-5684 (GCVE-0-2017-5684)
Vulnerability from cvelistv5
Published
2017-04-03 21:00
Modified
2024-08-05 15:11
Severity ?
EPSS score ?
Summary
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | Intel Compute Stick STK2MV64CC |
Version: Before CC047 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:11:47.409Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel Compute Stick STK2MV64CC", vendor: "Intel", versions: [ { status: "affected", version: "Before CC047", }, ], }, ], datePublic: "2017-04-03T00:00:00", descriptions: [ { lang: "en", value: "The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-04-03T20:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2017-5684", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel Compute Stick STK2MV64CC", version: { version_data: [ { version_value: "Before CC047", }, ], }, }, ], }, vendor_name: "Intel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", refsource: "CONFIRM", url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2017-5684", datePublished: "2017-04-03T21:00:00", dateReserved: "2017-02-01T00:00:00", dateUpdated: "2024-08-05T15:11:47.409Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2017-07-26 15:29
Modified
2024-11-21 03:28
Severity ?
Summary
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | nuc7i3bnk_bios | - | |
| intel | nuc7i3bnk | - | |
| intel | nuc7i5bnk_bios | - | |
| intel | nuc7i5bnk | - | |
| intel | nuc7i7bnh_bios | - | |
| intel | nuc7i7bnh | - | |
| intel | stk2mv64cc_bios | - | |
| intel | stk2mv64cc | - | |
| intel | stk2m3w64cc_bios | - | |
| intel | stk2m3w64cc | - | |
| intel | nuc6i7kyk_bios | - | |
| intel | nuc6i7kyk | - | |
| intel | nuc6i3syk_bios | - | |
| intel | nuc6i3syk | - | |
| intel | nuc6i5syk_bios | - | |
| intel | nuc6i5syk | - | |
| intel | r1304sposhor_bios | - | |
| intel | r1304sposhor | - | |
| intel | r1304sposhorr_bios | - | |
| intel | r1304sposhorr | - | |
| intel | r1208sposhorr_bios | - | |
| intel | r1208sposhorr | - | |
| intel | lr1304spcfg1r_bios | - | |
| intel | lr1304spcfg1r | - | |
| intel | r1208sposhor_bios | - | |
| intel | r1208sposhor | - | |
| intel | s1200spsr_bios | - | |
| intel | s1200spsr | - | |
| intel | s1200spor_bios | - | |
| intel | s1200spor | - | |
| intel | lr1304spcfg1_bios | - | |
| intel | lr1304spcfg1 | - | |
| intel | s1200spl_bios | - | |
| intel | s1200spl | - | |
| intel | s1200spo_bios | - | |
| intel | s1200spo | - | |
| intel | s1200sps_bios | - | |
| intel | s1200sps | - | |
| intel | r1304sposhbn_bios | - | |
| intel | r1304sposhbn | - | |
| intel | s1200splr_bios | - | |
| intel | s1200splr | - | |
| intel | r1304sposhbnr_bios | - | |
| intel | r1304sposhbnr | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc7i3bnk_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "682EDAC2-F993-4401-B649-B5C49E3E1761", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*", matchCriteriaId: "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc7i5bnk_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "384BE426-912A-4BFD-8AE7-BEB0F941DF7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*", matchCriteriaId: "EBF91B19-0FA1-4CE8-B729-A09612466725", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc7i7bnh_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "71D0E50D-B369-4C82-91DB-AD44A71736EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*", matchCriteriaId: "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:stk2mv64cc_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "E3E5D206-247A-41BA-BAE6-83F482D1090A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*", matchCriteriaId: "9497CA1C-A3CA-4CC4-8192-69DF58630575", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:stk2m3w64cc_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "AE204F78-8A38-4FC5-BCBF-6EB40015ABAE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*", matchCriteriaId: "123782EB-5B44-492A-86B1-D10C03C89D64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc6i7kyk_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "4414D9EF-D36D-4190-8581-3E0370764CA3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*", matchCriteriaId: "AC196D3E-062A-4301-BAA8-51FAF153F2EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc6i3syk_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5C2391-2CD8-49F6-BDAE-B79670CEC3B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc6i3syk:-:*:*:*:*:*:*:*", matchCriteriaId: "035B570B-8441-4F84-A441-FFBD1378EE6E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:nuc6i5syk_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF24505-0212-4152-80FD-F80792E51E9C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:nuc6i5syk:-:*:*:*:*:*:*:*", matchCriteriaId: "F9AEC7B5-E79D-4CB0-8BA9-4ED6001603D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1304sposhor_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "4ECEC599-486C-45B6-9D5C-73CCDF1BD5BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1304sposhor:-:*:*:*:*:*:*:*", matchCriteriaId: "E3684B23-A791-43B9-8426-EE79463E9471", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1304sposhorr_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "44FBDCDD-2015-45EE-BDFD-0876F20A58E6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1304sposhorr:-:*:*:*:*:*:*:*", matchCriteriaId: "FB43BBF2-C737-4246-8943-E21178192050", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1208sposhorr_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "921BA513-3719-4213-BB0B-96062C64459D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1208sposhorr:-:*:*:*:*:*:*:*", matchCriteriaId: "B2392C7B-4401-4ECF-9AF2-AED3B375DA1A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:lr1304spcfg1r_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "F05649F5-F879-434D-9BAC-AA95AA011DE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:lr1304spcfg1r:-:*:*:*:*:*:*:*", matchCriteriaId: "846E6438-E23A-4444-94C1-8E9326B53FC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1208sposhor_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "20CD2904-77C2-4F70-A187-469895E53B37", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1208sposhor:-:*:*:*:*:*:*:*", matchCriteriaId: "FB4BADBE-93D4-44C6-8307-72A5351587F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200spsr_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "93285F46-461A-4BA2-B195-A7869E194CDF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200spsr:-:*:*:*:*:*:*:*", matchCriteriaId: "B19990B5-8D2D-4A9F-B323-2E82B46ACAF3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200spor_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "0563A19E-8ABD-4652-B5CB-D64DBD96BD9B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200spor:-:*:*:*:*:*:*:*", matchCriteriaId: "A1F0421C-DD38-4FAD-8EA8-A264025A3C6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:lr1304spcfg1_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "59866E74-BB74-450C-8375-61C86FA6E261", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:lr1304spcfg1:-:*:*:*:*:*:*:*", matchCriteriaId: "A3353F12-6B1E-479A-88A0-51315E377891", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200spl_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "EACE8E81-E786-4262-AAF5-738756B5E549", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200spl:-:*:*:*:*:*:*:*", matchCriteriaId: "AFED93FA-650A-4908-9D22-DFA1013A9AF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200spo_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "0D7AF551-F825-4E09-AC7E-B94CB21B56D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200spo:-:*:*:*:*:*:*:*", matchCriteriaId: "06306DD8-2347-4A9A-8A4A-2D283F784207", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200sps_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "59A87E1D-1BAF-4A11-894C-0FF1592B6561", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200sps:-:*:*:*:*:*:*:*", matchCriteriaId: "AB414F9E-02B4-4CD4-9534-35BD478A9598", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1304sposhbn_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "CEB2AA41-AB3A-41B4-AF30-B3970A5971D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1304sposhbn:-:*:*:*:*:*:*:*", matchCriteriaId: "D1698F3C-7D8C-4C5F-AB32-4176E363EC77", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:s1200splr_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "8245B6D7-B1E8-4B63-AA5D-E9C2BB132F75", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:s1200splr:-:*:*:*:*:*:*:*", matchCriteriaId: "EB1CAD2B-7D17-4D75-9746-C6AF049F6C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:r1304sposhbnr_bios:-:*:*:*:*:*:*:*", matchCriteriaId: "52415BC5-A21B-45E2-BE4D-9BF4FF9CB0A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:r1304sposhbnr:-:*:*:*:*:*:*:*", matchCriteriaId: "EB06D22E-814F-4B2E-BDB6-E8ADB0EDC7EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.", }, { lang: "es", value: "La comprobación incorrecta en los procesadores Intel de las familias de procesadores Intel Core de 6a y 7a generación, de las familias de productos Intel Xeon E3-1500M versiones v5 y v6, y de las familias de productos Intel Xeon E3-1200 versiones v5 y v6, permite que el firmware del sistema comprometido impacte la seguridad SGX por medio de un estado inicial incorrecto del sistema.", }, ], id: "CVE-2017-5691", lastModified: "2024-11-21T03:28:13.767", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-26T15:29:00.283", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", }, { source: "secure@intel.com", url: "https://support.lenovo.com/us/en/product_security/LEN-15184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/LEN-15184", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-03 21:59
Modified
2024-11-21 03:28
Severity ?
Summary
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | stk2mv64cc_bios | * | |
| intel | stk2mv64cc | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:stk2mv64cc_bios:*:*:*:*:*:*:*:*", matchCriteriaId: "B78291F6-734D-45E1-A06D-64D7B01AFD54", versionEndIncluding: "ccsklm5v.86a.0046.2017.0105.1608", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*", matchCriteriaId: "9497CA1C-A3CA-4CC4-8192-69DF58630575", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.", }, { lang: "es", value: "Los sistemas BIOS en Intel Compute Stick basados en los procesadores 6th Gen Intel Core anteriores a la versión CC047 puede permitir a un atacante con acceso físico al sistema obtener acceso a información personal.", }, ], id: "CVE-2017-5684", lastModified: "2024-11-21T03:28:13.080", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.3, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-03T21:59:00.187", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }