Vulnerability-Lookup

CVE-2017-5701 (GCVE-0-2017-5701)

Vulnerability from cvelistv5 – Published: 2017-10-11 00:00 – Updated: 2024-09-17 03:02

Summary

Severity ?

No CVSS data available.

CWE

Elevation of Privilege

Assigner

intel

References

URL

	Vendor	Product	Version
	Intel Corporation	NUC Kits	Affected: BN0049 and below

VAR-201710-0957

Vulnerability from variot - Updated: 2025-04-20 23:23

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery. Intel NUC7i3BNK , NUC7i3BNH , NUC7i5BNK , NUC7i5BNH ,and NUC7i7BNH Vulnerabilities related to authorization, permissions and access control exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IntelNUC7i3BNK and other products are CPU (Central Processing Unit) products of Intel Corporation of the United States. IntelSPIWriteProtection has a local security bypass vulnerability that can be exploited by local attackers to bypass certain security restrictions. Intel Bootgaurd is prone to a local security-bypass vulnerability. Other attacks are also possible. Intel NUC7i3BNK, etc. An attacker could exploit this vulnerability to execute arbitrary code. The following products and versions are affected: NUC7i3BNK BN0049 and earlier; NUC7i3BNH BN0049 and earlier; NUC7i5BNK BN0049 and earlier; NUC7i5BNH BN0049 and earlier; NUC7i7BNH BN0049 and earlier

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0957",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "ccsklm5v.86a.0052"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "tybyt20h.86a.0015"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "bnkbl357.86a.0052"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "dnkbli5v.86a.0026"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "syskli35.86a.0062"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "bnkbl357.86a.0052"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "ccsklm30.86a.0052"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "ayaplcel.86a.0041"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "ccsklm5v.86a.0052"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "rybdwi35.86a.0366"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ayaplcel.86a.0041"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "kyskli70.86a.0050"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "syskli35.86a.0062"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli5v.86a.0026"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm30.86a.0052"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "syskli35.86a.0062"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ayaplcel.86a.0041"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "kyskli70.86a.0050"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "kyskli70.86a.0050"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli5v.86a.0026"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm5v.86a.0052"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "tybyt20h.86a.0015"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ayaplcel.86a.0041"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "tybyt20h.86a.0015"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm5v.86a.0052"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm5v.86a.0052"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "bnkbl357.86a.0052"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "tybyt20h.86a.0015"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "tybyt20h.86a.0015"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli30.86a.0026"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "bnkbl357.86a.0052"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "rybdwi35.86a.0366"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "bnkbl357.86a.0052"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "rybdwi35.86a.0366"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli30.86a.0026"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm30.86a.0052"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "syskli35.86a.0062"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "rybdwi35.86a.0366"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli30.86a.0026"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli5v.86a.0026"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm30.86a.0052"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ccsklm30.86a.0052"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "syskli35.86a.0062"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli30.86a.0026"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "rybdwi35.86a.0366"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "kyskli70.86a.0050"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli5v.86a.0026"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ayaplcel.86a.0041"
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "kyskli70.86a.0050"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "dnkbli30.86a.0026"
      },
      {
        "model": "nuc kit nuc7i3bnh",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i3bnk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i5bnh",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i5bnk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc kit nuc7i7bnh",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i5bnk",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i5bnh",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i3bnk",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i3bnh",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "bn0049",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i7bnh",
        "scope": null,
        "trust": 0.6,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "nuc7i7bnh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc7i5bnk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc7i5bnh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc7i3bnk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "nuc7i3bnh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "bn0049",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:intel:nuc7i3bnh_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc7i3bnk_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc7i5bnh_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc7i5bnk_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:intel:nuc7i7bnh_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Nikolaj Schlej.",
    "sources": [
      {
        "db": "BID",
        "id": "101257"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5701",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CVE-2017-5701",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2017-30485",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-113904",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.5,
            "id": "CVE-2017-5701",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5701",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5701",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-30485",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201710-118",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113904",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery. Intel NUC7i3BNK , NUC7i3BNH , NUC7i5BNK , NUC7i5BNH ,and NUC7i7BNH Vulnerabilities related to authorization, permissions and access control exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IntelNUC7i3BNK and other products are CPU (Central Processing Unit) products of Intel Corporation of the United States. IntelSPIWriteProtection has a local security bypass vulnerability that can be exploited by local attackers to bypass certain security restrictions. Intel Bootgaurd is prone to a local security-bypass vulnerability. Other attacks are also possible. Intel NUC7i3BNK, etc. An attacker could exploit this vulnerability to execute arbitrary code. The following products and versions are affected: NUC7i3BNK BN0049 and earlier; NUC7i3BNH BN0049 and earlier; NUC7i5BNK BN0049 and earlier; NUC7i5BNH BN0049 and earlier; NUC7i7BNH BN0049 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5701",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "101257",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "id": "VAR-201710-0957",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      }
    ],
    "trust": 1.3059440566666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:23:34.567000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00084",
        "trust": 0.8,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
      },
      {
        "title": "IntelSPIWriteProtection local security bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/103862"
      },
      {
        "title": "Multiple Intel Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75310"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/101257"
      },
      {
        "trust": 1.6,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00084\u0026languageid=en-fr"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5701"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5701"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5700"
      },
      {
        "trust": 0.3,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.3,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00084"
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00084\u0026amp;languageid=en-fr"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "date": "2017-10-06T00:00:00",
        "db": "BID",
        "id": "101257"
      },
      {
        "date": "2017-11-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "date": "2017-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "date": "2017-10-11T00:29:00.270000",
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-30485"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113904"
      },
      {
        "date": "2017-10-06T00:00:00",
        "db": "BID",
        "id": "101257"
      },
      {
        "date": "2017-11-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-5701"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "101257"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Intel NUC Kit Vulnerabilities related to authorization, authority, and access control in product firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009421"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-118"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2017-5701

Vulnerability from fkie_nvd - Published: 2017-10-11 00:29 - Updated: 2025-04-20 01:37

Severity ?

7.1 (High) - CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/101257	Third Party Advisory, VDB Entry
secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101257	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
intel	nuc7i7bnh_firmware	ayaplcel.86a.0041
intel	nuc7i7bnh_firmware	bnkbl357.86a.0052
intel	nuc7i7bnh_firmware	ccsklm5v.86a.0052
intel	nuc7i7bnh_firmware	ccsklm30.86a.0052
intel	nuc7i7bnh_firmware	dnkbli5v.86a.0026
intel	nuc7i7bnh_firmware	dnkbli30.86a.0026
intel	nuc7i7bnh_firmware	kyskli70.86a.0050
intel	nuc7i7bnh_firmware	rybdwi35.86a.0366
intel	nuc7i7bnh_firmware	syskli35.86a.0062
intel	nuc7i7bnh_firmware	tybyt20h.86a.0015
intel	nuc7i7bnh	-
intel	nuc7i5bnh_firmware	ayaplcel.86a.0041
intel	nuc7i5bnh_firmware	bnkbl357.86a.0052
intel	nuc7i5bnh_firmware	ccsklm5v.86a.0052
intel	nuc7i5bnh_firmware	ccsklm30.86a.0052
intel	nuc7i5bnh_firmware	dnkbli5v.86a.0026
intel	nuc7i5bnh_firmware	dnkbli30.86a.0026
intel	nuc7i5bnh_firmware	kyskli70.86a.0050
intel	nuc7i5bnh_firmware	rybdwi35.86a.0366
intel	nuc7i5bnh_firmware	syskli35.86a.0062
intel	nuc7i5bnh_firmware	tybyt20h.86a.0015
intel	nuc7i5bnh	-
intel	nuc7i5bnk_firmware	ayaplcel.86a.0041
intel	nuc7i5bnk_firmware	bnkbl357.86a.0052
intel	nuc7i5bnk_firmware	ccsklm5v.86a.0052
intel	nuc7i5bnk_firmware	ccsklm30.86a.0052
intel	nuc7i5bnk_firmware	dnkbli5v.86a.0026
intel	nuc7i5bnk_firmware	dnkbli30.86a.0026
intel	nuc7i5bnk_firmware	kyskli70.86a.0050
intel	nuc7i5bnk_firmware	rybdwi35.86a.0366
intel	nuc7i5bnk_firmware	syskli35.86a.0062
intel	nuc7i5bnk_firmware	tybyt20h.86a.0015
intel	nuc7i5bnk	-
intel	nuc7i3bnh_firmware	ayaplcel.86a.0041
intel	nuc7i3bnh_firmware	bnkbl357.86a.0052
intel	nuc7i3bnh_firmware	ccsklm5v.86a.0052
intel	nuc7i3bnh_firmware	ccsklm30.86a.0052
intel	nuc7i3bnh_firmware	dnkbli5v.86a.0026
intel	nuc7i3bnh_firmware	dnkbli30.86a.0026
intel	nuc7i3bnh_firmware	kyskli70.86a.0050
intel	nuc7i3bnh_firmware	rybdwi35.86a.0366
intel	nuc7i3bnh_firmware	syskli35.86a.0062
intel	nuc7i3bnh_firmware	tybyt20h.86a.0015
intel	nuc7i3bnh	-
intel	nuc7i3bnk_firmware	ayaplcel.86a.0041
intel	nuc7i3bnk_firmware	bnkbl357.86a.0052
intel	nuc7i3bnk_firmware	ccsklm5v.86a.0052
intel	nuc7i3bnk_firmware	ccsklm30.86a.0052
intel	nuc7i3bnk_firmware	dnkbli5v.86a.0026
intel	nuc7i3bnk_firmware	dnkbli30.86a.0026
intel	nuc7i3bnk_firmware	kyskli70.86a.0050
intel	nuc7i3bnk_firmware	rybdwi35.86a.0366
intel	nuc7i3bnk_firmware	syskli35.86a.0062
intel	nuc7i3bnk_firmware	tybyt20h.86a.0015
intel	nuc7i3bnk	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
              "matchCriteriaId": "28E7338F-E97C-4C2A-8320-0BAEA1FB365C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A1F20D-B5A6-4010-B94B-399329B426FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D356830-1DBB-43DE-A7E9-6A777EE39FA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "311F7D11-90D4-4702-9767-2C8540783937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6F051E-D237-4F87-B802-0DC0579E242F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5F63727-A885-4D30-AF0D-7041160D807F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
              "matchCriteriaId": "D44A0DD6-9FA9-4116-BB65-DC92F67412C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B87539-80FB-4204-82AF-5284B6E16190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
              "matchCriteriaId": "776638A5-1CB9-4706-A8DD-8DBEEC0F0A1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
              "matchCriteriaId": "775C4FDA-94EE-47D7-8940-0FECC60DB1C8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C540E10-88AA-4EFF-99DE-4BE606A1C734",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "46AC578B-5063-47D7-887C-040B7DDAE41B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF95B5C-C4EF-4CF3-84C7-4789F79F7AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8293A0-3A36-41BF-AC70-CC48C5A93B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFAE844D-523B-45EA-83D9-B97810245819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2C1007-EC35-4624-9EF7-325EFB9D51A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3DCB3E-C437-428C-AAFB-C5D57DD1443E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA87C97F-FC0B-42E2-8EBC-C39C778BD36F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E5D240-4014-44BC-8440-C92FABCB4417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFA85BEE-61CB-4033-B6B4-6A32AD1F2C67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA8FFEF7-5140-44F6-91CD-B9468F20692F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C0B75D-2A2C-4437-AE72-35BFB2C6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "F074D06A-B828-49EA-B1C2-0FCF71A83E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBF75171-EF1D-4ADF-9125-4C9B4EF347CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "C28D8E17-7A98-4C5E-A9AB-5B56826460DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39A87F9-9C0B-4CD9-82EB-C7220F02BED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2316FA59-3FAB-4D68-8016-F82649AA56A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C9EEAE-8DA8-485F-ACFE-062F8062DCFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4DEB05-EC57-465F-9721-BA2D82955982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
              "matchCriteriaId": "468CF14F-D5F7-47EB-BCD1-628BBEBFD648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
              "matchCriteriaId": "265BB588-1CB8-4F2C-B716-58FF6A6B0EB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBF91B19-0FA1-4CE8-B729-A09612466725",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
              "matchCriteriaId": "0367FBB9-1E31-4BED-8E6F-AF4275D372AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "8361A20E-EB65-4C6C-9977-6A988D7414D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "0777E301-8278-4937-9B9C-0560985A1B85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "73FE5A99-12CA-400F-9B7A-CCC477FF5192",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "509EE9C7-C13E-4EEC-ABC1-403B15A6DED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE740CB3-7D90-4B00-B3FF-116B74EA5249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE67A7F-9ABB-47D9-A576-4FE7E665477E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
              "matchCriteriaId": "21CBBF36-F05A-4190-9C11-6DA2B7CA503F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE611A09-0D29-4163-8616-7A7CC12C6ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
              "matchCriteriaId": "7143E57A-504B-414B-B22C-F1C8FB929E22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5EC4E6-B529-48DC-9251-73633807E4A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
              "matchCriteriaId": "22DDB889-967C-4924-8B5C-92B2D561E55A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED1ABBA-E6F0-4E1C-A327-220508EBE960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "6915BBE5-8F58-4652-A5EC-B0153628F696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B550844-0CFE-465C-B383-05FA21253F1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "C80B6A2B-A318-4A6C-9EDE-C749019E911B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E0F74B-EEA3-4656-8CF2-318E0EA42183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A860E39-FB9A-4288-99B0-2692995BCD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F212139-E8B6-4CFE-856B-BCD9E2EBC1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
              "matchCriteriaId": "A017F978-9BD3-4830-85EC-538F0E513F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA512D48-426B-4C13-809A-719AA2B241FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery."
    },
    {
      "lang": "es",
      "value": "Configuraci\u00f3n de la plataforma insegura en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que un atacante con presencia f\u00edsica ejecute c\u00f3digo arbitrario mediante la modificaci\u00f3n sin autorizaci\u00f3n del firmware durante BIOS Recovery."
    }
  ],
  "id": "CVE-2017-5701",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-11T00:29:00.270",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101257"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-5701

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5701

Aliases

CVE-2017-5701

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5701",
    "description": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.",
    "id": "GSD-2017-5701"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5701"
      ],
      "details": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.",
      "id": "GSD-2017-5701",
      "modified": "2023-12-13T01:21:13.690232Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2017-10-06T00:00:00",
        "ID": "CVE-2017-5701",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "NUC Kits",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "BN0049 and below"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Elevation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr",
            "refsource": "CONFIRM",
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
          },
          {
            "name": "101257",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/101257"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5701"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
            },
            {
              "name": "101257",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/101257"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 0.5,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-10-11T00:29Z"
    }
  }
}

CNVD-2017-30485

Vulnerability from cnvd - Published: 2017-10-18

Title

Intel SPI Write Protection本地安全绕过漏洞

Description

Intel NUC7i3BNK等都是美国英特尔（Intel）公司的CPU（中央处理器）产品。 Intel SPI Write Protection存在本地安全绕过漏洞，本地攻击者可利用漏洞绕过某些安全限制。

Severity

中

Patch Name

Intel SPI Write Protection本地安全绕过漏洞的补丁

Patch Description

Intel NUC7i3BNK等都是美国英特尔（Intel）公司的CPU（中央处理器）产品。 Intel SPI Write Protection存在本地安全绕过漏洞，本地攻击者可利用漏洞绕过某些安全限制。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-5700

Impacted products

Name
['Intel NUC7i5BNK', 'Intel NUC7i5BNH', 'Intel NUC7i3BNK', 'Intel NUC7i3BNH', 'Intel BN0049', 'Intel NUC7i7BNH']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "101257"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5701"
    }
  },
  "description": "Intel NUC7i3BNK\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684CPU\uff08\u4e2d\u592e\u5904\u7406\u5668\uff09\u4ea7\u54c1\u3002\r\n\r\nIntel SPI Write Protection\u5b58\u5728\u672c\u5730\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\u3002",
  "discovererName": "Nikolaj Schlej.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-30485",
  "openTime": "2017-10-18",
  "patchDescription": "Intel NUC7i3BNK\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684CPU\uff08\u4e2d\u592e\u5904\u7406\u5668\uff09\u4ea7\u54c1\u3002\r\n\r\nIntel SPI Write Protection\u5b58\u5728\u672c\u5730\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel SPI Write Protection\u672c\u5730\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel NUC7i5BNK",
      "Intel NUC7i5BNH",
      "Intel NUC7i3BNK",
      "Intel NUC7i3BNH",
      "Intel BN0049",
      "Intel NUC7i7BNH"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-5700",
  "serverity": "\u4e2d",
  "submitTime": "2017-10-11",
  "title": "Intel SPI Write Protection\u672c\u5730\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

GHSA-RQXQ-8Q8C-R6X4

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46

Details

Severity ?

7.1 (High)


                  
                    CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5701"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-11T00:29:00Z",
    "severity": "HIGH"
  },
  "details": "Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.",
  "id": "GHSA-rqxq-8q8c-r6x4",
  "modified": "2022-05-13T01:46:16Z",
  "published": "2022-05-13T01:46:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5701"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101257"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5701 (GCVE-0-2017-5701)

VAR-201710-0957

FKIE_CVE-2017-5701

GSD-2017-5701

CNVD-2017-30485

GHSA-RQXQ-8Q8C-R6X4

Tags

Sightings

Nomenclature