CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform.
Vendor | Product | Version | CPE |
---|---|---|---|
intel | city_bios | * | cpe:2.3:o:intel:city_bios:*:*:*:*:*:*:*:* |
intel | stk2m3w64cc | - | cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:* |
intel | canyon_bios | * | cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:* |
intel | nuc6i7kyb | - | cpe:2.3:h:intel:nuc6i7kyb:-:*:*:*:*:*:*:* |
intel | nuc5cpyh | - | cpe:2.3:h:intel:nuc5cpyh:-:*:*:*:*:*:*:* |
intel | nuc5pgyh | - | cpe:2.3:h:intel:nuc5pgyh:-:*:*:*:*:*:*:* |
intel | nuc5ppyh | - | cpe:2.3:h:intel:nuc5ppyh:-:*:*:*:*:*:*:* |
intel | city_bios | ccsklm30.86a | cpe:2.3:o:intel:city_bios:ccsklm30.86a:*:*:*:*:*:*:* |
intel | stk2mv64cc | - | cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:* |
intel | dn2820fyb | - | cpe:2.3:h:intel:dn2820fyb:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%