Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00168
HistoryOct 09, 2018 - 12:00 a.m.

Intel® NUC Bios Updater Advisory

2018-10-0900:00:00
Intel Security Center
www.intel.com
9

0.0004 Low

EPSS

Percentile

12.7%

JSON

Summary:

A potential security vulnerability in Intel® NUC EBU firmware update executable may allow denial of service or information disclosure. Intel is releasing firmware kit updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2018-12158

Description: Insufficient input validation in BIOS update utility in Intel® NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

Intel® NUC Firmware Kits downloaded before May 24, 2018.

Recommendations:

Intel recommends users who have downloaded Intel® NUC firmware kits before May 24, 2018 to delete the download.

Updates are available for download at this location: <https://downloadcenter.intel.com/product/98414/Mini-PCs&gt;

Acknowledgements:

Intel would like to thank Alexander Ermolov of Embedi for reporting this issue and working with us on coordinated disclosure.

Related

prion 1
nvd 1
cve 1
cvelist 1
prion
prion
Input validation
2018-10-10 18:29:00
nvd
nvd
CVE-2018-12158
2018-10-10 18:29:04
cve
cve
CVE-2018-12158
2018-10-10 18:29:04
cvelist
cvelist
CVE-2018-12158
2018-10-09 00:00:00

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for INTEL:INTEL-SA-00168
prion1nvd1cve1cvelist1