First published: Thu Nov 12 2020(Updated: )
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel NUC 8 Mainstream-G Kit NUC8i5INH | =inwhl357.0036 | |
Intel NUC 8 Mainstream-G Kit | ||
Intel NUC 8 Mainstream Game Kit Firmware | =inwhl357.0036 | |
Intel NUC 8 Mainstream-G Kit | ||
Intel NUC 8 Mainstream-G Mini PC NUC8i5INH | =inwhl357.0036 | |
Intel NUC 8 Mainstream-G Kit NUC8i5INH | ||
Intel NUC 8 Mainstream-G | =inwhl357.0036 | |
Intel NUC 8 Mainstream-G Mini PC NUC8i7INH Firmware | ||
Intel NUC8i3PNB Firmware | =pnwhl357.0037 | |
Intel NUC Pro Board NUC8i3PNB | ||
Intel NUC Pro Board NUC8i3PNH Firmware | =pnwhl357.0037 | |
Intel NUC Pro Kit NUC8i3PNH | ||
Intel NUC 8 Pro Mini PC NUC8i3PNK Firmware | =pnwhl357.0037 | |
Intel NUC Pro Kit NUC8i3PNK | ||
Intel NUC Pro Board NUC8i3PNK Firmware | =pnwhl357.0037 | |
Intel NUC Pro Kit NUC8i3PNK Firmware | ||
Intel NUC Rugged Kit NUC8CCHKR | =chaplcel.0049 | |
Intel NUC Rugged Kit NUC8CCHKR | ||
Intel NUC Pro Compute Element NUC9V7QNX Firmware | =qncflx70.34 | |
Intel NUC 9 V7 QNX | ||
Intel NUC 9 Pro Compute Element | =qncflx70.34 | |
Intel NUC 9 Pro Kit NUC9VXQNX Firmware | ||
Intel NUC board h27002-400 firmware | =tybyt10h.86a | |
Intel NUC board h27002-400 firmware | ||
Intel NUC board h27002-401 | =tybyt10h.86a | |
Intel NUC board h27002-401 firmware | ||
Intel NUC Board H27002-402 | =tybyt10h.86a | |
Intel NUC Board H27002-402 | ||
Intel NUC Board H27002-404 Firmware | =tybyt10h.86a | |
Intel NUC board h27002-404 firmware | ||
Intel NUC board h27002-500 | =tybyt20h.86a | |
Intel NUC | ||
Intel NUC 8 CCHB Firmware | =chaplcel.0049 | |
Intel NUC 8 CCHB Firmware | ||
Intel NUC | =tybyt10h.86a | |
Intel NUC Kit H26998 | ||
Intel NUC Kit | =tybyt10h.86a | |
Intel NUC kit h26998-402 firmware | ||
Intel NUC Kit firmware | =tybyt10h.86a | |
Intel NUC kit | ||
Intel NUC | =tybyt10h.86a | |
Intel NUC Kit | ||
Intel NUC Kit firmware | =tybyt10h.86a | |
Intel NUC kit h26998-405 firmware | ||
Intel NUC Kit H26998-500 Firmware | =tybyt20h.86a | |
Intel NUC kit h26998-500 firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-12337.
The severity of CVE-2020-12337 is medium with a CVSS score of 6.7.
CVE-2020-12337 affects Intel NUCs that have the following firmware versions: NUC8i5INH, NUC8i7INH, NUC8i5INH Mini PC, NUC8i7INH Mini PC, NUC8i3PNB, NUC8i3PNH, NUC8i3PNK, NUC8i3PNK Mini PC, NUC8CCHKR, NUC9v7qnx, NUC9vxqnx, H27002-400 Board, H27002-401 Board, H27002-402 Board, H27002-404 Board, H27002-500 Board, NUC8CCHB Board, H26998-401 Kit, H26998-402 Kit, H26998-403 Kit, H26998-404 Kit, H26998-405 Kit, H26998-500 Kit.
CVE-2020-12337 is a vulnerability in the firmware of some Intel NUCs that allows a privileged user to potentially enable escalation of privilege via local access.
Yes, Intel NUC 8 Mainstream-g Kit NUC8i5INH is vulnerable to CVE-2020-12337.