CVE-2017-5700

HIGH

Intel Nuc7i7bnh Firmware - Insufficiently Protected Credentials

Title source: rule

Description

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

References (2)

Scores

CVSS v3 8.4
EPSS 0.0005
EPSS Percentile 15.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-522
Status draft

Affected Products (50)

intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i7bnh_firmware
intel/nuc7i5bnh_firmware
intel/nuc7i5bnh_firmware
intel/nuc7i5bnh_firmware
intel/nuc7i5bnh_firmware
intel/nuc7i5bnh_firmware
... and 35 more

Timeline

Published Oct 11, 2017
Tracked Since Feb 18, 2026