Intel Security CenterINTEL:INTEL-SA-00343Intel® NUC Firmware Advisory
0.0004 Low
EPSS
Percentile
12.6%
Summary:
Potential security vulnerabilities in system firmware for some Intel® NUC may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
Vulnerability Details:
CVEID: CVE-2020-0530
Description: Improper buffer restrictions in firmware for Intel® NUC may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2020-0526
Description: Improper input validation in firmware for Intel® NUC may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.7 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Affected Products:
Product
|
Download link
(BIOS dl link)
—|—
Intel® NUC Kit NUC8i7BEK
|
Intel® NUC 8 Enthusiast PC NUC8i7BEKQA
|
Intel® NUC Kit NUC8i7HNK
|
Intel® NUC 8 Business PC NUC8i7HNKQC
|
Intel® NUC 8 Mainstream-G kit NUC8i7INH
|
Intel® NUC 8 Mainstream-G kit NUC8i5INH
|
Intel® NUC 8 Mainstream-G mini PC NUC8i7INH
|
Intel® NUC 8 Mainstream-G mini PC NUC8i7INH
|
Intel® NUC 8 Rugged Kit NUC8CCHKR
|
Intel® NUC Board NUC8CCHB
|
Intel® NUC 8 Home PC NUC8i3CYSM
|
Intel® NUC Kit NUC7i7DNKE
|
Intel® NUC Kit NUC7i7DNHE
|
Intel® NUC Kit NUC7i5DNKE
|
Intel® NUC Kit NUC7i5DNHE
|
Intel® NUC Kit NUC7i3DNKE
|
Intel® NUC Kit NUC7i3DNHE
|
Intel® NUC Board NUC7i7DNBE
|
Intel® NUC Board NUC7i5DNBE
|
Intel® NUC Board NUC7i3DNBE
|
Intel® Compute Stick STK2m3W64CC****
|
Intel® Compute Stick STK2m364CC
|
Intel® Compute Stick STK1A32SC
|
Intel® Compute Stick STK1AW32SC
|
Intel® NUC Kit NUC6i7KYK
|
Intel® NUC 7 Essential PC NUC7CJYSAL
|
Intel® NUC Kit NUC7CJYH
|
Intel® NUC Kit NUC7PJYH
|
Intel® NUC Kit NUC7i7BNH
|
Intel® NUC Kit NUC7i5BNK
|
Intel® NUC Kit NUC7i3BNH
|
Intel® NUC Kit NUC7i5BNH
|
Intel® NUC Kit NUC7i3BNK
|
Intel® NUC Kit NUC7i7BNHX1
|
Intel® NUC Kit NUC7i5BNHX1
|
Intel® NUC Kit NUC7i3BNHX1
|
Intel® NUC 7 Enthusiast PC NUC7i7BNHXG
|
Intel® NUC 7 Home a Mini PC NUC7i5BNHXF
|
Intel® NUC 7 Home a Mini PC NUC7i3BNHXF
|
Intel® NUC 7 Home a Mini PC NUC7i5BNKP
|
Intel® NUC Kit NUC6CAYS
|
Intel® NUC Kit NUC6CAYH
|
Intel® NUC Kit DE3815TYKHE
|
Intel® NUC Board DE3815TYBE
|
Intel® NUC Kit NUC6i3SYH
|
Intel® NUC Kit NUC6i5SYH
|
Intel® NUC Kit NUC6i3SYK
|
Intel® NUC Kit NUC6i5SYK
|
Intel® NUC Kit NUC5PGYH
|
Intel® NUC Kit NUC5PPYH
|
Intel® NUC Kit NUC5CPYH
|
Intel® NUC Kit NUC5i5RYK
|
Intel® NUC Kit NUC5i3RYH
|
Intel® NUC Kit NUC5i3RYHS
|
Intel® NUC Kit NUC5i3RYHSN
|
Intel® NUC Kit NUC5i3RYK
|
Intel® NUC Kit NUC5i5RYH
|
Intel® NUC Kit NUC5i5RYHS
|
Intel® NUC Kit NUC5i7RYH
|
Intel® NUC Kit NUC5i3MYHE
|
Intel® NUC Kit NUC5i5MYHE
|
Intel® NUC Board NUC5i5MYBE
|
Intel® NUC Board NUC5i3MYBE
|
Intel® NUC Kit D54250WYK****
|
Intel® NUC Board D34010WYB
|
Intel® NUC Board D54250WYB
|
Intel® NUC Kit D34010WYK
|
Intel® NUC Kit D34010WYKH
|
Intel® NUC Kit D54250WYKH
|
Intel® Compute Stick STCK1A32WFC****
|
Intel® Compute Stick STCK1A8LFC
|
Recommendations:
Intel recommends that users update to the latest version (see provided table).
Acknowledgements:
Intel would like to thank Seunghun Han, Ruslan Zakirov and Alexander Ermolov (CVE-2020-0526), Alexander Ermolov and Dmitry Frolov (CVE-2020-0530), for reporting these issues.
Related
