PT-2017-16684 · Intel · Intel Nuc7I5Bnh+2
Published
2017-10-11
·
Updated
2019-10-03
·
CVE-2017-5722
CVSS v3.1
7.5
High
| Vector | AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel NUC7i3BNK versions BN0049 and below
Intel NUC7i3BNH versions BN0049 and below
Intel NUC7i5BNK versions BN0049 and below
Intel NUC7i5BNH versions BN0049 and below
Intel NUC7i7BNH versions BN0049 and below
Description
The issue is related to incorrect policy enforcement in system firmware, allowing attackers with local or physical access to bypass integrity protections by manipulating firmware storage.
Recommendations
For Intel NUC7i3BNK versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i3BNH versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i5BNK versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i5BNH versions BN0049 and below, update the system firmware to a version above BN0049.
For Intel NUC7i7BNH versions BN0049 and below, update the system firmware to a version above BN0049.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Nuc7I3Bnh
Intel Nuc7I5Bnh
Intel Nuc7I7Bnh