FKIE_CVE-2017-5721
Vulnerability from fkie_nvd - Published: 2017-10-11 00:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
"matchCriteriaId": "28E7338F-E97C-4C2A-8320-0BAEA1FB365C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "91A1F20D-B5A6-4010-B94B-399329B426FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "2D356830-1DBB-43DE-A7E9-6A777EE39FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "311F7D11-90D4-4702-9767-2C8540783937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6F051E-D237-4F87-B802-0DC0579E242F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F63727-A885-4D30-AF0D-7041160D807F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
"matchCriteriaId": "D44A0DD6-9FA9-4116-BB65-DC92F67412C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
"matchCriteriaId": "68B87539-80FB-4204-82AF-5284B6E16190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
"matchCriteriaId": "776638A5-1CB9-4706-A8DD-8DBEEC0F0A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
"matchCriteriaId": "775C4FDA-94EE-47D7-8940-0FECC60DB1C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
"matchCriteriaId": "3C540E10-88AA-4EFF-99DE-4BE606A1C734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "46AC578B-5063-47D7-887C-040B7DDAE41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF95B5C-C4EF-4CF3-84C7-4789F79F7AB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8293A0-3A36-41BF-AC70-CC48C5A93B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE844D-523B-45EA-83D9-B97810245819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2C1007-EC35-4624-9EF7-325EFB9D51A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3DCB3E-C437-428C-AAFB-C5D57DD1443E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
"matchCriteriaId": "AA87C97F-FC0B-42E2-8EBC-C39C778BD36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
"matchCriteriaId": "36E5D240-4014-44BC-8440-C92FABCB4417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA85BEE-61CB-4033-B6B4-6A32AD1F2C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA8FFEF7-5140-44F6-91CD-B9468F20692F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
"matchCriteriaId": "08C0B75D-2A2C-4437-AE72-35BFB2C6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "F074D06A-B828-49EA-B1C2-0FCF71A83E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF75171-EF1D-4ADF-9125-4C9B4EF347CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "C28D8E17-7A98-4C5E-A9AB-5B56826460DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "B39A87F9-9C0B-4CD9-82EB-C7220F02BED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "2316FA59-3FAB-4D68-8016-F82649AA56A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C9EEAE-8DA8-485F-ACFE-062F8062DCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4DEB05-EC57-465F-9721-BA2D82955982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
"matchCriteriaId": "468CF14F-D5F7-47EB-BCD1-628BBEBFD648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
"matchCriteriaId": "265BB588-1CB8-4F2C-B716-58FF6A6B0EB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF91B19-0FA1-4CE8-B729-A09612466725",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
"matchCriteriaId": "0367FBB9-1E31-4BED-8E6F-AF4275D372AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "8361A20E-EB65-4C6C-9977-6A988D7414D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "0777E301-8278-4937-9B9C-0560985A1B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "73FE5A99-12CA-400F-9B7A-CCC477FF5192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "509EE9C7-C13E-4EEC-ABC1-403B15A6DED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "BE740CB3-7D90-4B00-B3FF-116B74EA5249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE67A7F-9ABB-47D9-A576-4FE7E665477E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
"matchCriteriaId": "21CBBF36-F05A-4190-9C11-6DA2B7CA503F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
"matchCriteriaId": "BE611A09-0D29-4163-8616-7A7CC12C6ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
"matchCriteriaId": "7143E57A-504B-414B-B22C-F1C8FB929E22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5EC4E6-B529-48DC-9251-73633807E4A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
"matchCriteriaId": "22DDB889-967C-4924-8B5C-92B2D561E55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "EED1ABBA-E6F0-4E1C-A327-220508EBE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "6915BBE5-8F58-4652-A5EC-B0153628F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
"matchCriteriaId": "3B550844-0CFE-465C-B383-05FA21253F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "C80B6A2B-A318-4A6C-9EDE-C749019E911B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
"matchCriteriaId": "11E0F74B-EEA3-4656-8CF2-318E0EA42183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
"matchCriteriaId": "0A860E39-FB9A-4288-99B0-2692995BCD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
"matchCriteriaId": "0F212139-E8B6-4CFE-856B-BCD9E2EBC1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
"matchCriteriaId": "A017F978-9BD3-4830-85EC-538F0E513F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
"matchCriteriaId": "AA512D48-426B-4C13-809A-719AA2B241FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory."
},
{
"lang": "es",
"value": "Insuficiente validaci\u00f3n de entradas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes locales ejecuten c\u00f3digo arbitrario mediante la manipulaci\u00f3n de la memoria."
}
],
"id": "CVE-2017-5721",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-11T00:29:00.303",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…