Lucene search

[email protected]CVE-2020-0526

HistoryMar 12, 2020 - 9:15 p.m.

CVE-2020-0526

2020-03-1221:15:13

CWE-20

[email protected]

web.nvd.nist.gov

intel

nuc

firmware

input validation

privilege escalation

security

vulnerability

local access

cve-2020-0526

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.8%

JSON

Improper input validation in firmware for Intel® NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

Affected configurations

NVD

Node

intelnuc_kit_nuc8i7bekMatch-

AND

intelnuc_kit_nuc8i7bek_firmwareMatchbecfl357.86a.0077

Node

intelnuc_8_enthusiast_pc_nuc8i7bekqaMatch-

AND

intelnuc_8_enthusiast_pc_nuc8i7bekqa_firmwareMatchbecfl357.86a.0077

Node

intelnuc_kit_nuc8i7hnkMatch-

AND

intelnuc_kit_nuc8i7hnk_firmwareMatchhnkbli70.86a.0059

Node

intelnuc_8_business_pc_nuc8i7hnkqcMatch-

AND

intelnuc_8_business_pc_nuc8i7hnkqc_firmwareMatchhnkbli70.86a.0059

Node

intelnuc_8_mainstream-g_kit_nuc8i7inhMatch-

AND

intelnuc_8_mainstream-g_kit_nuc8i7inh_firmwareMatchinwhl357.0036

Node

intelnuc_8_mainstream-g_kit_nuc8i5inhMatch-

AND

intelnuc_8_mainstream-g_kit_nuc8i5inh_firmwareMatchinwhl357.0036

Node

intelnuc_8_mainstream-g_mini_pc_nuc8i7inhMatch-

AND

intelnuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwareMatchinwhl357.0036

Node

intelnuc_8_mainstream-g_mini_pc_nuc8i7inhMatch-

AND

intelnuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwareMatchinwhl357.0036

Node

intelnuc_8_rugged_kit_nuc8cchkr_firmwareMatchchaplcel.0047

AND

intelnuc_8_rugged_kit_nuc8cchkrMatch-

Node

intelnuc_board_nuc8cchb_firmwareMatchchaplcel.0047

AND

intelnuc_board_nuc8cchbMatch-

Node

intelnuc_8_home_pc_nuc8i3cysm_firmwareMatchcycnli35.86a.0044

AND

intelnuc_8_home_pc_nuc8i3cysmMatch-

Node

intelnuc_kit_nuc7i7dnke_firmwareMatchdnkbli7v.86a.0067

AND

intelnuc_kit_nuc7i7dnkeMatch-

Node

intelnuc_kit_nuc7i7dnhe_firmwareMatchdnkbli7v.86a.0067

AND

intelnuc_kit_nuc7i7dnheMatch-

Node

intelnuc_kit_nuc7i5dnke_firmwareMatchdnkbli5v.86a.0067

AND

intelnuc_kit_nuc7i5dnkeMatch-

Node

intelnuc_kit_nuc7i5dnhe_firmwareMatchdnkbli5v.86a.0067

AND

intelnuc_kit_nuc7i5dnheMatch-

Node

intelnuc_kit_nuc7i3dnke_firmwareMatchdnkbli30.86a.0067

AND

intelnuc_kit_nuc7i3dnkeMatch-

Node

intelnuc_kit_nuc7i3dnhe_firmwareMatchdnkbli30.86a.0067

AND

intelnuc_kit_nuc7i3dnheMatch-

Node

intelnuc_board_nuc7i7dnbe_firmwareMatchdnkbli7v.86a.0067

AND

intelnuc_board_nuc7i7dnbeMatch-

Node

intelnuc_board_nuc7i5dnbe_firmwareMatchdnkbli5v.86a.0067

AND

intelnuc_board_nuc7i5dnbeMatch-

Node

intelnuc_board_nuc7i3dnbe_firmwareMatchdnkbli30.86a.0067

AND

intelnuc_board_nuc7i3dnbeMatch-

Node

intelcompute_stick_stk2m3w64cc_firmwareMatchccsklm30.86a.0062

AND

intelcompute_stick_stk2m3w64ccMatch-

Node

intelcompute_stick_stk2m364cc_firmwareMatchccsklm30.86a.0062

AND

intelcompute_stick_stk2m364ccMatch-

Node

intelcompute_stick_stk1a32sc_firmwareMatchsc0045

AND

intelcompute_stick_stk1a32scMatch-

Node

intelcompute_stick_stk1aw32sc_firmwareMatchsc0045

AND

intelcompute_stick_stk1aw32scMatch-

Node

intelnuc_kit_nuc6i7kyk_firmwareMatchkyskli70.86a.0066

AND

intelnuc_kit_nuc6i7kykMatch-

Node

intelnuc_7_essential_pc_nuc7cjysal_firmwareMatchjyglkcpx.86a.0053

AND

intelnuc_7_essential_pc_nuc7cjysalMatch-

Node

intelnuc_kit_nuc7cjyh_firmwareMatchjyglkcpx.86a.0053

AND

intelnuc_kit_nuc7cjyhMatch-

Node

intelnuc_kit_nuc7pjyh_firmwareMatchjyglkcpx.86a.0053

AND

intelnuc_kit_nuc7pjyhMatch-

Node

intelnuc_kit_nuc7i7bnh_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i7bnhMatch-

Node

intelnuc_kit_nuc7i5bnk_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i5bnkMatch-

Node

intelnuc_kit_nuc7i3bnh_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i3bnhMatch-

Node

intelnuc_kit_nuc7i5bnh_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i5bnhMatch-

Node

intelnuc_kit_nuc7i3bnk_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i3bnkMatch-

Node

intelnuc_kit_nuc7i7bnhx1_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i7bnhx1Match-

Node

intelnuc_kit_nuc7i5bnhx1_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i5bnhx1Match-

Node

intelnuc_kit_nuc7i3bnhx1_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_kit_nuc7i3bnhx1Match-

Node

intelnuc_7_enthusiast_pc_nuc7i7bnhxg_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_7_enthusiast_pc_nuc7i7bnhxgMatch-

Node

intelnuc_7_home_a_mini_pc_nuc7i5bnhxf_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_7_home_a_mini_pc_nuc7i5bnhxfMatch-

Node

intelnuc_7_home_a_mini_pc_nuc7i3bnhxf_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_7_home_a_mini_pc_nuc7i3bnhxfMatch-

Node

intelnuc_7_home_a_mini_pc_nuc7i5bnkp_firmwareMatchbnkbl357.86a.0081

AND

intelnuc_7_home_a_mini_pc_nuc7i5bnkpMatch-

Node

intelnuc_kit_nuc6cays_firmwareMatchayaplcel.86a.0066

AND

intelnuc_kit_nuc6caysMatch-

Node

intelnuc_kit_nuc6cayh_firmwareMatchayaplcel.86a.0066

AND

intelnuc_kit_nuc6cayhMatch-

Node

intelnuc_kit_de3815tykhe_firmwareMatchtybyt20h.86a.0024

AND

intelnuc_kit_de3815tykheMatch-

Node

intelnuc_board_de3815tybe_firmwareMatchtybyt20h.86a.0024

AND

intelnuc_board_de3815tybeMatch-

Node

intelnuc_kit_nuc6i3syh_firmwareMatchsyskli35.86a.0072

AND

intelnuc_kit_nuc6i3syhMatch-

Node

intelnuc_kit_nuc6i5syh_firmwareMatchsyskli35.86a.0072

AND

intelnuc_kit_nuc6i5syhMatch-

Node

intelnuc_kit_nuc6i3syk_firmwareMatchsyskli35.86a.0072

AND

intelnuc_kit_nuc6i3sykMatch-

Node

intelnuc_kit_nuc6i5syk_firmwareMatchsyskli35.86a.0072

AND

intelnuc_kit_nuc6i5sykMatch-

Node

intelnuc_kit_nuc5pgyh_firmwareMatchpybswcel.86a.0078

AND

intelnuc_kit_nuc5pgyhMatch-

Node

intelnuc_kit_nuc5ppyh_firmwareMatchpybswcel.86a.0078

AND

intelnuc_kit_nuc5ppyhMatch-

Node

intelnuc_kit_nuc5cpyh_firmwareMatchpybswcel.86a.0078

AND

intelnuc_kit_nuc5cpyhMatch-

Node

intelnuc_kit_nuc5i5ryk_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i5rykMatch-

Node

intelnuc_kit_nuc5i3ryh_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i3ryhMatch-

Node

intelnuc_kit_nuc5i3ryhs_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i3ryhsMatch-

Node

intelnuc_kit_nuc5i3ryhsn_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i3ryhsnMatch-

Node

intelnuc_kit_nuc5i3ryk_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i3rykMatch-

Node

intelnuc_kit_nuc5i5ryh_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i5ryhMatch-

Node

intelnuc_kit_nuc5i5ryhs_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i5ryhsMatch-

Node

intelnuc_kit_nuc5i7ryh_firmwareMatchrybdwi35.86a.0383

AND

intelnuc_kit_nuc5i7ryhMatch-

Node

intelnuc_kit_nuc5i3myhe_firmwareMatchmybdwi30.86a.0057

AND

intelnuc_kit_nuc5i3myheMatch-

Node

intelnuc_kit_nuc5i5myhe_firmwareMatchmybdwi5v.86a.0056

AND

intelnuc_kit_nuc5i5myheMatch-

Node

intelnuc_board_nuc5i5mybe_firmwareMatchmybdwi5v.86a.0056

AND

intelnuc_board_nuc5i5mybeMatch-

Node

intelnuc_board_nuc5i3mybe_firmwareMatchmybdwi30.86a.0057

AND

intelnuc_board_nuc5i3mybeMatch-

Node

intelnuc_kit_d54250wyk_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_kit_d54250wykMatch-

Node

intelnuc_board_d34010wyb_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_board_d34010wybMatch-

Node

intelnuc_board_d54250wyb_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_board_d54250wybMatch-

Node

intelnuc_kit_d34010wyk_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_kit_d34010wykMatch-

Node

intelnuc_kit_d34010wykh_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_kit_d34010wykhMatch-

Node

intelnuc_kit_d54250wykh_firmwareMatchwylpt10h.86a.0054

AND

intelnuc_kit_d54250wykhMatch-

Node

intelcompute_stick_stck1a32wfc_firmwareMatchstck1a32wfc

AND

intelcompute_stick_stck1a32wfcMatch-

Node

intelcompute_stick_stck1a8lfc_firmwareMatchstck1a8lfc

AND

intelcompute_stick_stck1a8lfcMatch-

CPENameOperatorVersion
intel:nuc_kit_nuc8i7bek_firmwareintel nuc kit nuc8i7bek firmwareeqbecfl357.86a.0077

CPE	Name	Operator	Version
intel:nuc_kit_nuc8i7bek_firmware	intel nuc kit nuc8i7bek firmware	eq	becfl357.86a.0077

CNA Affected

[
  {
    "product": "Intel(R) NUC Firmware",
    "vendor": "Intel",
    "versions": [
      {
        "status": "affected",
        "version": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
      }
    ]
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CVE-2020-0526

cvelist1 nvd1 prion1 intel1 threatpost2