CVE-2017-5704
MEDIUMIntel Core i3 - Insufficiently Protected Credentials in Platform Sample Code Firmware
Title source: llmDescription
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00160.html
Scores
CVSS v3
6.7
EPSS
0.0004
EPSS Percentile
12.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-522
Status
published
Products (50)
intel/core_i3
4000m
intel/core_i3
4005u
intel/core_i3
4010u
intel/core_i3
4010y
intel/core_i3
4012y
intel/core_i3
4020y
intel/core_i3
4025u
intel/core_i3
4030u
intel/core_i3
4030y
intel/core_i3
4100e
... and 40 more
Published
Jul 10, 2018
Tracked Since
Feb 18, 2026