CVE-2018-12158

Name of the Vulnerable Software and Affected Versions Intel NUC FW kits versions prior to May 24, 2018

Description The issue is related to insufficient input validation in the BIOS update utility, which may allow a privileged user to trigger a denial of service or information disclosure via local access. This could potentially be exploited to disrupt service or reveal protected information.

Recommendations For Intel NUC FW kits versions prior to May 24, 2018, update the BIOS to a version released after May 24, 2018 to resolve the issue. As a temporary workaround, consider restricting local access to the BIOS update utility to minimize the risk of exploitation.