CVE-2017-5722
HIGHIntel Nuc7i7bnh Firmware - Improper Privilege Management
Title source: ruleDescription
Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.
References (2)
Core 2
Core References
Patch, Third Party Advisory x_refsource_confirm
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101236
Scores
CVSS v3
7.5
EPSS
0.0005
EPSS Percentile
14.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (50)
intel/nuc7i3bnh_firmware
ayaplcel.86a.0041
intel/nuc7i3bnh_firmware
bnkbl357.86a.0052
intel/nuc7i3bnh_firmware
ccsklm5v.86a.0052
intel/nuc7i3bnh_firmware
ccsklm30.86a.0052
intel/nuc7i3bnh_firmware
dnkbli5v.86a.0026
intel/nuc7i3bnh_firmware
dnkbli30.86a.0026
intel/nuc7i3bnh_firmware
kyskli70.86a.0050
intel/nuc7i3bnh_firmware
rybdwi35.86a.0366
intel/nuc7i3bnh_firmware
syskli35.86a.0062
intel/nuc7i3bnh_firmware
tybyt20h.86a.0015
... and 40 more
Published
Oct 11, 2017
Tracked Since
Feb 18, 2026