CVE-2017-5704

MEDIUM

Intel Core I3 - Insufficiently Protected Credentials

Title source: rule

Description

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.

References (1)

Scores

CVSS v3 6.7
EPSS 0.0004
EPSS Percentile 12.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-522
Status published

Affected Products (50)

intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
intel/core_i3
... and 35 more

Timeline

Published Jul 10, 2018
Tracked Since Feb 18, 2026