7.5

CVE-2017-5722

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage.

Data is provided by the National Vulnerability Database (NVD)
IntelNuc7i7bnh Firmware Versionayaplcel.86a.0041
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionbnkbl357.86a.0052
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionccsklm5v.86a.0052
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionccsklm30.86a.0052
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versiondnkbli5v.86a.0026
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versiondnkbli30.86a.0026
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionkyskli70.86a.0050
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionrybdwi35.86a.0366
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versionsyskli35.86a.0062
   IntelNuc7i7bnh Version-
IntelNuc7i7bnh Firmware Versiontybyt20h.86a.0015
   IntelNuc7i7bnh Version-
IntelNuc7i5bnh Firmware Versionayaplcel.86a.0041
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionbnkbl357.86a.0052
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionccsklm5v.86a.0052
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionccsklm30.86a.0052
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versiondnkbli5v.86a.0026
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versiondnkbli30.86a.0026
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionkyskli70.86a.0050
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionrybdwi35.86a.0366
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versionsyskli35.86a.0062
   IntelNuc7i5bnh Version-
IntelNuc7i5bnh Firmware Versiontybyt20h.86a.0015
   IntelNuc7i5bnh Version-
IntelNuc7i5bnk Firmware Versionayaplcel.86a.0041
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionbnkbl357.86a.0052
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionccsklm5v.86a.0052
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionccsklm30.86a.0052
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versiondnkbli5v.86a.0026
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versiondnkbli30.86a.0026
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionkyskli70.86a.0050
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionrybdwi35.86a.0366
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versionsyskli35.86a.0062
   IntelNuc7i5bnk Version-
IntelNuc7i5bnk Firmware Versiontybyt20h.86a.0015
   IntelNuc7i5bnk Version-
IntelNuc7i3bnh Firmware Versionayaplcel.86a.0041
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionbnkbl357.86a.0052
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionccsklm5v.86a.0052
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionccsklm30.86a.0052
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versiondnkbli5v.86a.0026
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versiondnkbli30.86a.0026
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionkyskli70.86a.0050
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionrybdwi35.86a.0366
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versionsyskli35.86a.0062
   IntelNuc7i3bnh Version-
IntelNuc7i3bnh Firmware Versiontybyt20h.86a.0015
   IntelNuc7i3bnh Version-
IntelNuc7i3bnk Firmware Versionayaplcel.86a.0041
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionbnkbl357.86a.0052
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionccsklm5v.86a.0052
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionccsklm30.86a.0052
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versiondnkbli5v.86a.0026
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versiondnkbli30.86a.0026
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionkyskli70.86a.0050
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionrybdwi35.86a.0366
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versionsyskli35.86a.0062
   IntelNuc7i3bnk Version-
IntelNuc7i3bnk Firmware Versiontybyt20h.86a.0015
   IntelNuc7i3bnk Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.139
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 0.8 6
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

http://www.securityfocus.com/bid/101236
Third Party Advisory
VDB Entry