CVE-2020-12336

HIGH

Intel(R) NUC - Privilege Escalation

Title source: llm

Description

Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

References (1)

[Vendor Advisory] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 17.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188

Status published

Products (23)

intel/nuc_8_mainstream-g_kit_nuc8i5inh_firmware inwhl357.0036

intel/nuc_8_mainstream-g_kit_nuc8i7inh_firmware inwhl357.0036

intel/nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware inwhl357.0036

intel/nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware inwhl357.0036

intel/nuc_8_pro_board_nuc8i3pnb_firmware pnwhl357.0037

intel/nuc_8_pro_kit_nuc8i3pnh_firmware pnwhl357.0037

intel/nuc_8_pro_kit_nuc8i3pnk_firmware pnwhl357.0037

intel/nuc_8_pro_mini_pc_nuc8i3pnk_firmware pnwhl357.0037

intel/nuc_8_rugged_kit_nuc8cchkr_firmware chaplcel.0049

intel/nuc_9_pro_kit_nuc9v7qnx_firmware qncflx70.34

... and 13 more

Published Nov 12, 2020

Tracked Since Feb 18, 2026