A potential security vulnerability in some Intel® NUCs may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2021-33086
Description: Out-of-bounds write in firmware for some Intel® NUCs may allow an authenticated user to potentially enable denial of service via local access.
CVSS Base Score: 6.3 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H****
Product
|
BIOS Download link
—|—
Intel® NUC M15 Laptop Kit: LAPBC510, LAPBC710
|
Intel® NUC 11 Compute Element: CM11EBC4W, CM11EBi38W, CM11EBi58W, CM11EBi716W
|
Intel® NUC 11 Performance kit: NUC11PAHi3, NUC11PAHi5, NUC11PAHi7, NUC11PAKi3, NUC11PAKi5, NUC11PAKi7
Intel® NUC 11 Performance Mini PC - NUC11PAQi50WA, NUC11PAQi70QA
|
Intel® NUC 11 Pro Board: NUC11TNBi3, NUC11TNBi5, NUC11TNBi7
Intel® NUC 11 Pro Kit: NUC11TNHi3, NUC11TNHi30L, NUC11TNHi30P, NUC11TNHi5, NUC11TNHi50L, NUC11TNHi50W, NUC11TNHi7, NUC11TNHi70L, NUC11TNHi70Q, NUC11TNKi3, NUC11TNKi5, NUC11TNKi7
|
Intel® NUC 11 Enthusiast Kit - NUC11PHKi7C
Intel® NUC 11 Enthusiast Mini PC - NUC11PHKi7CAA
|
Intel® NUC 10 Performance kit: NUC10i3FNH, NUC10i3FNHF, NUC10i3FNK, NUC10i5FNH, NUC10i5FNHF, NUC10i5FNHJ, NUC10i5FNK, NUC10i5FNKP, NUC10i7FNH, NUC10i7FNHC, NUC10i7FNK, NUC10i7FNKP, NUC10i3FNHFA, NUC10i3FNHJA, NUC10i5FNHCA, NUC10i5FNHJA, NUC10i5FNKPA, NUC10i7FNHAA, NUC10i7FNHJA, NUC10i7FNKPA
|
Intel® NUC 9 Pro Compute Element: NUC9V7QNB, NUC9VXQNB
Intel® NUC 9 Pro Kit: NUC9V7QNX, NUC9VXQNX
|
Intel® NUC 8 Business, a Mini PC with Windows 10 - NUC8i7HNKQC
Intel® NUC 8 Enthusiast, a Mini PC with Windows 10: NUC8i7HVKVA, NUC8i7HVKVAW
Intel® NUC Kit: NUC8i7HNK, NUC8i7HVK
|
Intel® NUC 8 Enthusiast, a Mini PC with Windows 10: NUC8i7BEHGA, NUC8i7BEKQA
Intel® NUC 8 Home - a Mini PC with Windows 10: NUC8i3BEHFA, NUC8i5BEHFA, NUC8i5BEKPA
Intel® NUC Kit: NUC8i3BEH, NUC8i3BEHS, NUC8i3BEK, NUC8i5BEH, NUC8i5BEHS, NUC8i5BEK, NUC8i7BEH, NUC8i7BEK
|
Intel® NUC 8 Home, a Mini PC with Windows® 10: NUC8i3CYSM, NUC8i3CYSN
|
Intel® NUC 8 Rugged Kit NUC8CCHKR
Intel® NUC Board NUC8CCHB
|
Intel® NUC 8 Compute Element: CM8CCB, CM8i3CB, CM8i5CB, CM8i7CB, CM8PCB |
Intel® NUC 8 Pro Board NUC8i3PNB
Intel® NUC 8 Pro Kit: NUC8i3PNH, NUC8i3PNK
|
Intel® NUC 8 Mainstream-G kit: NUC8i5INH, NUC8i7INH
Intel® NUC 8 Mainstream-G mini PC: NUC8i5INH, NUC8i7INH
|
Intel® NUC 7 Essential, a Mini PC with Windows® 10 - NUC7CJYSAL
Intel® NUC Kit: NUC7CJYH, NUC7PJYH
|
Intel® NUC 7 Business, a Mini PC with Windows® 10 Pro - NUC7i3DNHNC
Intel® NUC 7 Business, a Mini PC with Windows® 10 Pro - NUC7i3DNKTC
Intel® NUC Board NUC7i3DNBE
Intel® NUC Kit NUC7i3DNHE, NUC7i3DNKE
|
Intel® NUC 7 Business, a Mini PC with Windows® 10 Pro - NUC7i5DNKPC, NUC7i5DNBE, NUC7i5DNHE, NUC7i5DNKE
|
Intel® NUC Kit: NUC6CAYH, NUC6CAYS
|
Intel recommends updating the Intel® NUCs listed above to the latest BIOS version (see provided table).
Intel would like to thank Denis Straghkov for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.