Intel® NUC Firmware Advisory

Summary:

Potential security vulnerabilities for some Intel® NUCs may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-0067

Description: Improper access control in system firmware for some Intel® NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H****

CVEID: CVE-2021-0054

Description: Improper buffer restrictions in system firmware for some Intel® NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.5 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

Product

|

BIOS Download link

—|—

Intel® NUC M15 Laptop Kit - LAPBC510, LAPBC710

|

BCTGL357.0051

Intel® NUC 11 Compute Element CM11EBC4W, CM11EBi38W, CM11EBi58W, CM11EBi716W

|

EBTGL357.0045

Intel® NUC 11 Performance kit - NUC11PAHi3, NUC11PAHi5, NUC11PAHi7, NUC11PAKi3, NUC11PAKi5, NUC11PAKi7

Intel® NUC 11 Performance Mini PC - NUC11PAQi50WA, NUC11PAQi70QA

|

PATGL357.0037

Intel® NUC 11 Pro Board NUC11TNBi3, NUC11TNBi5, NUC11TNBi7

Intel® NUC 11 Pro Kit NUC11TNHi3, NUC11TNHi30L, NUC11TNHi30P, NUC11TNHi5, NUC11TNHi50L, NUC11TNHi50W, NUC11TNHi7, NUC11TNHi70L, NUC11TNHi70Q, NUC11TNKi3, NUC11TNKi5, NUC11TNKi7

|

TNTGL357.0052

Intel® NUC 11 Enthusiast Kit - NUC11PHKi7C

Intel® NUC 11 Enthusiast Mini PC - NUC11PHKi7CAA

|

PHTGL579.0056

Intel® NUC 10 Performance kit - NUC10i3FNH, NUC10i3FNHF, NUC10i3FNK, NUC10i5FNH, NUC10i5FNHF, NUC10i5FNHJ, NUC10i5FNK, NUC10i5FNKP, NUC10i7FNH, NUC10i7FNHC, NUC10i7FNK, NUC10i7FNKP

Intel® NUC 10 Performance Mini PC - NUC10i3FNHFA, NUC10i3FNHJA, NUC10i5FNHCA, NUC10i5FNHJA, NUC10i5FNKPA, NUC10i7FNHAA, NUC10i7FNHJA, NUC10i7FNKPA

|

FNCML.0050

Intel® NUC 9 Pro Compute Element - NUC9V7QNB, NUC9VXQNB

Intel® NUC 9 Pro Kit - NUC9V7QNX, NUC9VXQNX

|

QNCFLX70.0059

Intel® NUC 8 Business, a Mini PC with Windows 10 - NUC8i7HNKQC

Intel® NUC 8 Enthusiast, a Mini PC with Windows 10 - NUC8i7HVKVA, NUC8i7HVKVAW

Intel® NUC Kit NUC8i7HNK, NUC8i7HVK

|

HNKBLi70.86A.0065

Intel® NUC 8 Rugged Kit NUC8CCHKR

Intel® NUC Board NUC8CCHB

|

CHAPLCEL.0051

Intel® NUC 8 Compute Element CM8CCB, CM8i3CB, CM8i5CB, CM8i7CB, CM8PCB

|

CBWHL.0092

Intel® NUC 8 Pro Board NUC8i3PNB

Intel® NUC 8 Pro Kit NUC8i3PNH, NUC8i3PNK

|

PNWHL357.0039

Intel® NUC 8 Mainstream-G kit NUC8i5INH, NUC8i7INH

Intel® NUC 8 Mainstream-G mini PC NUC8i5INH, NUC8i7INH

|

INWHL357.0040

Intel® NUC 7 Essential, a Mini PC with Windows® 10 - NUC7CJYSAL

Intel® NUC Kit NUC7CJYH, NUC7PJYH

|

JYGLKCPX.86A.0057

Recommendations:

Intel recommends updating Intel® NUCs listed above to the latest BIOS version available (see provided table).

Acknowledgements:

Intel would like to thank Dmitry Frolov for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.