CVE-2020-24525
First published: Thu Nov 12 2020(Updated: )
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Nuc 8 Mainstream-g Kit Nuc8i5inh Firmware | =inwhl357.0036 | |
| Intel Nuc 8 Mainstream-g Kit Nuc8i5inh | ||
| Intel Nuc 8 Mainstream-g Kit Nuc8i7inh Firmware | =inwhl357.0036 | |
| Intel Nuc 8 Mainstream-g Kit Nuc8i7inh | ||
| Intel Nuc 8 Mainstream-g Mini Pc Nuc8i5inh Firmware | =inwhl357.0036 | |
| Intel Nuc 8 Mainstream-g Mini Pc Nuc8i5inh | ||
| Intel Nuc 8 Mainstream-g Mini Pc Nuc8i7inh Firmware | =inwhl357.0036 | |
| Intel Nuc 8 Mainstream-g Mini Pc Nuc8i7inh | ||
| Intel Nuc 8 Pro Board Nuc8i3pnb Firmware | =pnwhl357.0037 | |
| Intel Nuc 8 Pro Board Nuc8i3pnb | ||
| Intel Nuc 8 Pro Kit Nuc8i3pnh Firmware | =pnwhl357.0037 | |
| Intel Nuc 8 Pro Kit Nuc8i3pnh | ||
| Intel Nuc 8 Pro Kit Nuc8i3pnk Firmware | =pnwhl357.0037 | |
| Intel Nuc 8 Pro Kit Nuc8i3pnk | ||
| Intel Nuc 8 Pro Mini Pc Nuc8i3pnk Firmware | =pnwhl357.0037 | |
| Intel Nuc 8 Pro Mini Pc Nuc8i3pnk | ||
| Intel Nuc 8 Rugged Kit Nuc8cchkr Firmware | =chaplcel.0049 | |
| Intel Nuc 8 Rugged Kit Nuc8cchkr | ||
| Intel Nuc 9 Pro Kit Nuc9v7qnx Firmware | =qncflx70.34 | |
| Intel Nuc 9 Pro Kit Nuc9v7qnx | ||
| Intel Nuc 9 Pro Kit Nuc9vxqnx Firmware | =qncflx70.34 | |
| Intel Nuc 9 Pro Kit Nuc9vxqnx | ||
| Intel Nuc Board H27002-400 Firmware | =tybyt10h.86a | |
| Intel Nuc Board H27002-400 | ||
| Intel Nuc Board H27002-401 Firmware | =tybyt10h.86a | |
| Intel Nuc Board H27002-401 | ||
| Intel Nuc Board H27002-402 Firmware | =tybyt10h.86a | |
| Intel Nuc Board H27002-402 | ||
| Intel Nuc Board H27002-404 Firmware | =tybyt10h.86a | |
| Intel Nuc Board H27002-404 | ||
| Intel Nuc Board H27002-500 Firmware | =tybyt20h.86a | |
| Intel Nuc Board H27002-500 | ||
| Intel Nuc Board Nuc8cchb Firmware | =chaplcel.0049 | |
| Intel Nuc Board Nuc8cchb | ||
| Intel Nuc Kit H26998-401 Firmware | =tybyt10h.86a | |
| Intel Nuc Kit H26998-401 | ||
| Intel Nuc Kit H26998-402 Firmware | =tybyt10h.86a | |
| Intel Nuc Kit H26998-402 | ||
| Intel Nuc Kit H26998-403 Firmware | =tybyt10h.86a | |
| Intel Nuc Kit H26998-403 | ||
| Intel Nuc Kit H26998-404 Firmware | =tybyt10h.86a | |
| Intel Nuc Kit H26998-404 | ||
| Intel Nuc Kit H26998-405 Firmware | =tybyt10h.86a | |
| Intel Nuc Kit H26998-405 | ||
| Intel Nuc Kit H26998-500 Firmware | =tybyt20h.86a | |
| Intel Nuc Kit H26998-500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-24525.
What is the severity of CVE-2020-24525?
The severity of CVE-2020-24525 is 7.8 (high).
What is the affected software for CVE-2020-24525?
The affected software for CVE-2020-24525 includes some Intel(R) NUCs with specific firmware versions.
What can an authenticated user potentially do with this vulnerability?
An authenticated user may potentially enable escalation of privilege via local access.
How can I fix CVE-2020-24525?
To fix CVE-2020-24525, it is recommended to update the firmware of the affected Intel(R) NUCs to a secure version.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel nuc 8 mainstream-g kit nuc8i5inh firmware
- version/intel nuc 8 mainstream-g kit nuc8i5inh firmware/inwhl357.0036
- canonical/intel nuc 8 mainstream-g kit nuc8i5inh
- canonical/intel nuc 8 mainstream-g kit nuc8i7inh firmware
- version/intel nuc 8 mainstream-g kit nuc8i7inh firmware/inwhl357.0036
- canonical/intel nuc 8 mainstream-g kit nuc8i7inh
- canonical/intel nuc 8 mainstream-g mini pc nuc8i5inh firmware
- version/intel nuc 8 mainstream-g mini pc nuc8i5inh firmware/inwhl357.0036
- canonical/intel nuc 8 mainstream-g mini pc nuc8i5inh
- canonical/intel nuc 8 mainstream-g mini pc nuc8i7inh firmware
- version/intel nuc 8 mainstream-g mini pc nuc8i7inh firmware/inwhl357.0036
- canonical/intel nuc 8 mainstream-g mini pc nuc8i7inh
- canonical/intel nuc 8 pro board nuc8i3pnb firmware
- version/intel nuc 8 pro board nuc8i3pnb firmware/pnwhl357.0037
- canonical/intel nuc 8 pro board nuc8i3pnb
- canonical/intel nuc 8 pro kit nuc8i3pnh firmware
- version/intel nuc 8 pro kit nuc8i3pnh firmware/pnwhl357.0037
- canonical/intel nuc 8 pro kit nuc8i3pnh
- canonical/intel nuc 8 pro kit nuc8i3pnk firmware
- version/intel nuc 8 pro kit nuc8i3pnk firmware/pnwhl357.0037
- canonical/intel nuc 8 pro kit nuc8i3pnk
- canonical/intel nuc 8 pro mini pc nuc8i3pnk firmware
- version/intel nuc 8 pro mini pc nuc8i3pnk firmware/pnwhl357.0037
- canonical/intel nuc 8 pro mini pc nuc8i3pnk
- canonical/intel nuc 8 rugged kit nuc8cchkr firmware
- version/intel nuc 8 rugged kit nuc8cchkr firmware/chaplcel.0049
- canonical/intel nuc 8 rugged kit nuc8cchkr
- canonical/intel nuc 9 pro kit nuc9v7qnx firmware
- version/intel nuc 9 pro kit nuc9v7qnx firmware/qncflx70.34
- canonical/intel nuc 9 pro kit nuc9v7qnx
- canonical/intel nuc 9 pro kit nuc9vxqnx firmware
- version/intel nuc 9 pro kit nuc9vxqnx firmware/qncflx70.34
- canonical/intel nuc 9 pro kit nuc9vxqnx
- canonical/intel nuc board h27002-400 firmware
- version/intel nuc board h27002-400 firmware/tybyt10h.86a
- canonical/intel nuc board h27002-400
- canonical/intel nuc board h27002-401 firmware
- version/intel nuc board h27002-401 firmware/tybyt10h.86a
- canonical/intel nuc board h27002-401
- canonical/intel nuc board h27002-402 firmware
- version/intel nuc board h27002-402 firmware/tybyt10h.86a
- canonical/intel nuc board h27002-402
- canonical/intel nuc board h27002-404 firmware
- version/intel nuc board h27002-404 firmware/tybyt10h.86a
- canonical/intel nuc board h27002-404
- canonical/intel nuc board h27002-500 firmware
- version/intel nuc board h27002-500 firmware/tybyt20h.86a
- canonical/intel nuc board h27002-500
- canonical/intel nuc board nuc8cchb firmware
- version/intel nuc board nuc8cchb firmware/chaplcel.0049
- canonical/intel nuc board nuc8cchb
- canonical/intel nuc kit h26998-401 firmware
- version/intel nuc kit h26998-401 firmware/tybyt10h.86a
- canonical/intel nuc kit h26998-401
- canonical/intel nuc kit h26998-402 firmware
- version/intel nuc kit h26998-402 firmware/tybyt10h.86a
- canonical/intel nuc kit h26998-402
- canonical/intel nuc kit h26998-403 firmware
- version/intel nuc kit h26998-403 firmware/tybyt10h.86a
- canonical/intel nuc kit h26998-403
- canonical/intel nuc kit h26998-404 firmware
- version/intel nuc kit h26998-404 firmware/tybyt10h.86a
- canonical/intel nuc kit h26998-404
- canonical/intel nuc kit h26998-405 firmware
- version/intel nuc kit h26998-405 firmware/tybyt10h.86a
- canonical/intel nuc kit h26998-405
- canonical/intel nuc kit h26998-500 firmware
- version/intel nuc kit h26998-500 firmware/tybyt20h.86a
- canonical/intel nuc kit h26998-500