Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00176
HistorySep 11, 2018 - 12:00 a.m.

Intel® NUC Firmware Security Advisory

2018-09-1100:00:00
Intel Security Center
www.intel.com
9

EPSS

0

Percentile

12.6%

JSON

Summary:

A potential security vulnerability in firmware for Intel® NUC may allow information disclosure, escalation of privilege and/or denial of service.** **Intel® is releasing firmware security updates for Intel® NUC Firmware to mitigate this potential vulnerability.

Vulnerability Details

CVEID:** CVE-2018-12176**

Description: Improper input validation in firmware for Intel® NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

CVSS Base Score: 8.2 High

CVSS Vector:** **CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

· Intel® NUC Kit NUC7CJYH

· Intel® NUC Kit NUC8i7HNK

· Intel® Compute Card CD1M3128MK

· Intel® Compute Card CD1IV128MK

· Intel® Compute Card CD1P64GK

· Intel® NUC Kit NUC7i7DNKE

· Intel® NUC Kit NUC7i5DNKE

· Intel® NUC Kit NUC7i3DNHE

· Intel® NUC Kit NUC7i7BNH

· Intel® NUC Kit NUC6CAYS

· Intel® NUC Kit DE3815TYBE

· Intel® NUC Kit NUC6i5SYH

· Intel® NUC Kit NUC6i7KYK

· Intel® NUC Kit NUC5PGYH

· Intel® NUC Kit NUC5CPYH

· Intel® NUC Kit NUC5i7RYH

· Intel® NUC Kit NUC5i5MYHE

· Intel® NUC Kit NUC5i3MYHE

· Intel® NUC Kit DE3815TYBE

· Intel® NUC Kit DN2820FYKH

· Intel® NUC Kit D54250WYB

· Intel® NUC Kit D53427RKE

· Intel® NUC Kit D33217GKE

· Intel® Compute Stick STK2mv64CC

· Intel® Compute Stick STK2m3W64CC

· Intel® Compute Stick STK1AW32SC

· Intel® Compute Stick STCK1A32WFC

Recommendations:

Intel recommends that users update to the latest version (see provided table).

Product

|

Download link
(BIOS dl link)

—|—

Intel® NUC Kit NUC7CJYH

|

NUC7CJYH****

Intel® NUC Kit NUC8i7HNK

|

NUC8i7HNK****

Intel® Compute Card CD1M3128MK

|

CD1M3128MK****

Intel® Compute Card CD1IV128MK

|

CD1IV128MK****

Intel® Compute Card CD1P64GK

|

CD1P64GK****

Intel® NUC Kit NUC7i7DNKE

|

NUC7i7DNKE****

Intel® NUC Kit NUC7i5DNKE

|

NUC7i5DNKE****

Intel® NUC Kit NUC7i3DNHE

|

NUC7i3DNHE****

Intel® NUC Kit NUC7i7BNH

|

NUC7i7BNH****

Intel® NUC Kit NUC6CAYS

|

NUC6CAYS****

Intel® NUC Kit DE3815TYBE

|

DE3815TYBE****

Intel® NUC Kit NUC6i5SYH

|

NUC6i5SYH****

Intel® NUC Kit NUC6i7KYK

|

NUC6i7KYK****

Intel® NUC Kit NUC5PGYH

|

NUC5PGYH****

Intel® NUC Kit NUC5CPYH

|

NUC5CPYH_ _****

Intel® NUC Kit NUC5i7RYH

|

NUC5i7RYH****

Intel® NUC Kit NUC5i5MYHE

|

NUC5i5MYHE****

Intel® NUC Kit NUC5i3MYHE

|

NUC5i3MYHE****

Intel® NUC Kit DE3815TYBE

|

DE3815TYBE****

Intel® NUC Kit DN2820FYKH

|

DN2820FYKH****

Intel® NUC Kit D54250WYB

|

D54250WYB****

Intel® NUC Kit D53427RKE

|

D53427RKE ****

Intel® NUC Kit D33217GKE

|

D33217GKE****

Intel® Compute Stick STK2mv64CC

|

STK2mv64CC****

Intel® Compute Stick STK2m3W64CC

|

STK2m3W64CC****

Intel® Compute Stick STK1AW32SC

|

STK1AW32SC****

Intel® Compute Stick STCK1A32WFC

|

STCK1A32WFC****

Acknowledgements:

Intel would like to thank Ruslan Zakirov and Alexander Ermolov for reporting this issue and working with us on coordinated disclosure.

Related

cvelist 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2018-12176
2018-09-12 19:00:00
prion
prion
Input validation
2018-09-12 19:29:00
nvd
nvd
CVE-2018-12176
2018-09-12 19:29:02
cve
cve
CVE-2018-12176
2018-09-12 19:29:02

EPSS

0

Percentile

12.6%

JSON
Related for INTEL:INTEL-SA-00176
cvelist1prion1nvd1cve1