Skip to main content

Nuc Kit Nuc8I7Bek Firmware CVE-2020-0530

HIGH
Classic Buffer Overflow (CWE-120)
2020-03-12 secure@intel.com
Buffer Overflow Privilege Escalation Intel Nuc Kit Nuc8I7Bek Firmware Nuc 8 Enthusiast Pc Nuc8I7Bekqa Firmware Nuc Kit Nuc8I7Hnk Firmware Nuc 8 Business Pc Nuc8I7Hnkqc Firmware Nuc 8 Mainstream G Kit Nuc8I7Inh Firmware Nuc 8 Mainstream G Kit Nuc8I5Inh Firmware Nuc 8 Mainstream G Mini Pc Nuc8I7Inh Firmware Nuc 8 Rugged Kit Nuc8Cchkr Firmware Nuc Board Nuc8Cchb Firmware Nuc 8 Home Pc Nuc8I3Cysm Firmware Nuc Kit Nuc7I7Dnke Firmware Nuc Kit Nuc7I7Dnhe Firmware Nuc Kit Nuc7I5Dnke Firmware Nuc Kit Nuc7I5Dnhe Firmware Nuc Kit Nuc7I3Dnke Firmware Nuc Kit Nuc7I3Dnhe Firmware Nuc Board Nuc7I7Dnbe Firmware Nuc Board Nuc7I5Dnbe Firmware Nuc Board Nuc7I3Dnbe Firmware Compute Stick Stk2M3W64Cc Firmware Compute Stick Stk2M364Cc Firmware Compute Stick Stk1A32Sc Firmware Compute Stick Stk1Aw32Sc Firmware Nuc Kit Nuc6I7Kyk Firmware Nuc 7 Essential Pc Nuc7Cjysal Firmware Nuc Kit Nuc7Cjyh Firmware Nuc Kit Nuc7Pjyh Firmware Nuc Kit Nuc7I7Bnh Firmware Nuc Kit Nuc7I5Bnk Firmware Nuc Kit Nuc7I3Bnh Firmware Nuc Kit Nuc7I5Bnh Firmware Nuc Kit Nuc7I3Bnk Firmware Nuc Kit Nuc7I7Bnhx1 Firmware Nuc Kit Nuc7I5Bnhx1 Firmware Nuc Kit Nuc7I3Bnhx1 Firmware Nuc 7 Enthusiast Pc Nuc7I7Bnhxg Firmware Nuc 7 Home A Mini Pc Nuc7I5Bnhxf Firmware Nuc 7 Home A Mini Pc Nuc7I3Bnhxf Firmware Nuc 7 Home A Mini Pc Nuc7I5Bnkp Firmware Nuc Kit Nuc6Cays Firmware Nuc Kit Nuc6Cayh Firmware Nuc Kit De3815Tykhe Firmware Nuc Board De3815Tybe Firmware Nuc Kit Nuc6I3Syh Firmware Nuc Kit Nuc6I5Syh Firmware Nuc Kit Nuc6I3Syk Firmware Nuc Kit Nuc6I5Syk Firmware Nuc Kit Nuc5Pgyh Firmware Nuc Kit Nuc5Ppyh Firmware Nuc Kit Nuc5Cpyh Firmware Nuc Kit Nuc5I5Ryk Firmware Nuc Kit Nuc5I3Ryh Firmware Nuc Kit Nuc5I3Ryhs Firmware Nuc Kit Nuc5I3Ryhsn Firmware Nuc Kit Nuc5I3Ryk Firmware Nuc Kit Nuc5I5Ryh Firmware Nuc Kit Nuc5I5Ryhs Firmware Nuc Kit Nuc5I7Ryh Firmware Nuc Kit Nuc5I3Myhe Firmware Nuc Kit Nuc5I5Myhe Firmware Nuc Board Nuc5I5Mybe Firmware Nuc Board Nuc5I3Mybe Firmware Nuc Kit D54250Wyk Firmware Nuc Board D34010Wyb Firmware Nuc Board D54250Wyb Firmware Nuc Kit D34010Wyk Firmware Nuc Kit D34010Wykh Firmware Nuc Kit D54250Wykh Firmware Compute Stick Stck1A32Wfc Firmware Compute Stick Stck1A8Lfc Firmware
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 12, 2020 - 21:15 nvd
HIGH 7.8

DescriptionNVD

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

AnalysisAI

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html Affected products include: Intel Nuc Kit Nuc8I7Bek Firmware, Intel Nuc 8 Enthusiast Pc Nuc8I7Bekqa Firmware, Intel Nuc Kit Nuc8I7Hnk Firmware, Intel Nuc 8 Business Pc Nuc8I7Hnkqc Firmware, Intel Nuc 8 Mainstream-G Kit Nuc8I7Inh Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

Share

CVE-2020-0530 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy