Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware by intel

    CVE-2023-25771 (GCVE-0-2023-25771)

    Vulnerability from nvd – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:08
    VLAI
    Summary
    Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • denial of service
    • CWE-284 - Improper access control
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC BIOS firmware Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:32:11.783Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25771",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T17:27:06.635615Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-27T18:08:44.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-10T13:16:48.326Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-25771",
        "datePublished": "2023-05-10T13:16:48.326Z",
        "dateReserved": "2023-02-28T04:00:03.400Z",
        "dateUpdated": "2025-01-27T18:08:44.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33164 (GCVE-0-2021-33164)

    Vulnerability from nvd – Published: 2022-11-11 15:48 – Updated: 2024-08-03 23:42
    VLAI
    Summary
    Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: before version INWHL357.0046
    bios_firmware intel_r_nucs Affected: 0 , < nwhl357.0046 (custom)
        cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:20.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.kb.cert.org/vuls/id/434994"
              },
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "intel_r_nucs",
                "vendor": "bios_firmware",
                "versions": [
                  {
                    "lessThan": "nwhl357.0046",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-33164",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T14:30:53.127167Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T14:47:52.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version INWHL357.0046"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-14T17:46:16.495Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-33164",
        "datePublished": "2022-11-11T15:48:49.297Z",
        "dateReserved": "2021-05-18T00:31:17.250Z",
        "dateUpdated": "2024-08-03T23:42:20.052Z",
        "requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33086 (GCVE-0-2021-33086)

    Vulnerability from nvd – Published: 2021-11-17 18:59 – Updated: 2024-08-03 23:42
    VLAI
    Summary
    Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.
    Severity
    No CVSS data available.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:19.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-17T18:59:09.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-33086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-33086",
        "datePublished": "2021-11-17T18:59:09.000Z",
        "dateReserved": "2021-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:42:19.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-0067 (GCVE-0-2021-0067)

    Vulnerability from nvd – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
    VLAI
    Summary
    &nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:25:01.820Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-09T19:07:34.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-0067",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-0067",
        "datePublished": "2021-06-09T19:07:34.000Z",
        "dateReserved": "2020-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T15:25:01.820Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-0054 (GCVE-0-2021-0054)

    Vulnerability from nvd – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
    VLAI
    Summary
    Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:25:01.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-09T19:07:39.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-0054",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-0054",
        "datePublished": "2021-06-09T19:07:39.000Z",
        "dateReserved": "2020-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T15:25:01.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-24525 (GCVE-0-2020-24525)

    Vulnerability from nvd – Published: 2020-11-12 18:16 – Updated: 2024-08-04 15:12
    VLAI
    Summary
    Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:12:09.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              },
              {
                "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-16T11:06:07.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            },
            {
              "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-24525",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                },
                {
                  "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-24525",
        "datePublished": "2020-11-12T18:16:05.000Z",
        "dateReserved": "2020-08-19T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:12:09.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12337 (GCVE-0-2020-12337)

    Vulnerability from nvd – Published: 2020-11-12 18:15 – Updated: 2024-08-04 11:56
    VLAI
    Summary
    Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:51.397Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T18:15:58.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-12337",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-12337",
        "datePublished": "2020-11-12T18:15:58.000Z",
        "dateReserved": "2020-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:56:51.397Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12336 (GCVE-0-2020-12336)

    Vulnerability from nvd – Published: 2020-11-12 18:15 – Updated: 2024-08-04 11:56
    VLAI
    Summary
    Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T18:15:50.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-12336",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-12336",
        "datePublished": "2020-11-12T18:15:50.000Z",
        "dateReserved": "2020-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:56:52.019Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0530 (GCVE-0-2020-0530)

    Vulnerability from nvd – Published: 2020-03-12 20:55 – Updated: 2024-08-04 06:02
    VLAI
    Summary
    Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Intel Intel(R) NUC Firmware Affected: See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:02:52.389Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUC Firmware",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-12T20:55:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-0530",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUC Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-0530",
        "datePublished": "2020-03-12T20:55:01.000Z",
        "dateReserved": "2019-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:02:52.389Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0526 (GCVE-0-2020-0526)

    Vulnerability from nvd – Published: 2020-03-12 20:02 – Updated: 2024-08-04 06:02
    VLAI
    Summary
    Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Intel Intel(R) NUC Firmware Affected: See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:02:52.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUC Firmware",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-12T20:02:31.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-0526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUC Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-0526",
        "datePublished": "2020-03-12T20:02:31.000Z",
        "dateReserved": "2019-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:02:52.333Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-25771 (GCVE-0-2023-25771)

    Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:08
    VLAI
    Summary
    Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • denial of service
    • CWE-284 - Improper access control
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC BIOS firmware Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:32:11.783Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25771",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T17:27:06.635615Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-27T18:08:44.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-10T13:16:48.326Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-25771",
        "datePublished": "2023-05-10T13:16:48.326Z",
        "dateReserved": "2023-02-28T04:00:03.400Z",
        "dateUpdated": "2025-01-27T18:08:44.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33164 (GCVE-0-2021-33164)

    Vulnerability from cvelistv5 – Published: 2022-11-11 15:48 – Updated: 2024-08-03 23:42
    VLAI
    Summary
    Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: before version INWHL357.0046
    bios_firmware intel_r_nucs Affected: 0 , < nwhl357.0046 (custom)
        cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:20.052Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.kb.cert.org/vuls/id/434994"
              },
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "intel_r_nucs",
                "vendor": "bios_firmware",
                "versions": [
                  {
                    "lessThan": "nwhl357.0046",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-33164",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T14:30:53.127167Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T14:47:52.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version INWHL357.0046"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-14T17:46:16.495Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-33164",
        "datePublished": "2022-11-11T15:48:49.297Z",
        "dateReserved": "2021-05-18T00:31:17.250Z",
        "dateUpdated": "2024-08-03T23:42:20.052Z",
        "requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-33086 (GCVE-0-2021-33086)

    Vulnerability from cvelistv5 – Published: 2021-11-17 18:59 – Updated: 2024-08-03 23:42
    VLAI
    Summary
    Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.
    Severity
    No CVSS data available.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:42:19.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-17T18:59:09.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-33086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-33086",
        "datePublished": "2021-11-17T18:59:09.000Z",
        "dateReserved": "2021-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:42:19.995Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-0054 (GCVE-0-2021-0054)

    Vulnerability from cvelistv5 – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
    VLAI
    Summary
    Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:25:01.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-09T19:07:39.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-0054",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-0054",
        "datePublished": "2021-06-09T19:07:39.000Z",
        "dateReserved": "2020-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T15:25:01.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-0067 (GCVE-0-2021-0067)

    Vulnerability from cvelistv5 – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
    VLAI
    Summary
    &nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:25:01.820Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-09T19:07:34.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2021-0067",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2021-0067",
        "datePublished": "2021-06-09T19:07:34.000Z",
        "dateReserved": "2020-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T15:25:01.820Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-24525 (GCVE-0-2020-24525)

    Vulnerability from cvelistv5 – Published: 2020-11-12 18:16 – Updated: 2024-08-04 15:12
    VLAI
    Summary
    Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:12:09.087Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              },
              {
                "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-16T11:06:07.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            },
            {
              "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-24525",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                },
                {
                  "name": "20201116 Intel NUC - Local Privilege Escalation Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Nov/26"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-24525",
        "datePublished": "2020-11-12T18:16:05.000Z",
        "dateReserved": "2020-08-19T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:12:09.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12337 (GCVE-0-2020-12337)

    Vulnerability from cvelistv5 – Published: 2020-11-12 18:15 – Updated: 2024-08-04 11:56
    VLAI
    Summary
    Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:51.397Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T18:15:58.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-12337",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-12337",
        "datePublished": "2020-11-12T18:15:58.000Z",
        "dateReserved": "2020-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:56:51.397Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12336 (GCVE-0-2020-12336)

    Vulnerability from cvelistv5 – Published: 2020-11-12 18:15 – Updated: 2024-08-04 11:56
    VLAI
    Summary
    Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
    Severity
    No CVSS data available.
    CWE
    • escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUCs Affected: See references
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUCs",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-12T18:15:50.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-12336",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUCs",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See references"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "escalation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414",
                  "refsource": "MISC",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-12336",
        "datePublished": "2020-11-12T18:15:50.000Z",
        "dateReserved": "2020-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:56:52.019Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0530 (GCVE-0-2020-0530)

    Vulnerability from cvelistv5 – Published: 2020-03-12 20:55 – Updated: 2024-08-04 06:02
    VLAI
    Summary
    Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Intel Intel(R) NUC Firmware Affected: See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:02:52.389Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUC Firmware",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-12T20:55:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-0530",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUC Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-0530",
        "datePublished": "2020-03-12T20:55:01.000Z",
        "dateReserved": "2019-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:02:52.389Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0526 (GCVE-0-2020-0526)

    Vulnerability from cvelistv5 – Published: 2020-03-12 20:02 – Updated: 2024-08-04 06:02
    VLAI
    Summary
    Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Intel Intel(R) NUC Firmware Affected: See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:02:52.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Intel(R) NUC Firmware",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-12T20:02:31.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2020-0526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Intel(R) NUC Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "See advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2020-0526",
        "datePublished": "2020-03-12T20:02:31.000Z",
        "dateReserved": "2019-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:02:52.333Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }