PT-2017-16683 · Intel · Intel Nuc7I5Bnh+2
Jann Horn
·
Published
2017-10-11
·
Updated
2017-11-03
·
CVE-2017-5721
CVSS v3.1
7.5
High
| Vector | AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel NUC7i3BNK versions BN0049 and below
Intel NUC7i3BNH versions BN0049 and below
Intel NUC7i5BNK versions BN0049 and below
Intel NUC7i5BNH versions BN0049 and below
Intel NUC7i7BNH versions BN0049 and below
Description
The issue is related to insufficient input validation in system firmware, which allows local attackers to execute arbitrary code by manipulating memory.
Recommendations
For Intel NUC7i3BNK versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i3BNH versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i5BNK versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i5BNH versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i7BNH versions BN0049 and below, update the system firmware to a version above BN0049.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Nuc7I3Bnh
Intel Nuc7I5Bnh
Intel Nuc7I7Bnh