2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2017-5722" ,
"sourceIdentifier" : "secure@intel.com" ,
"published" : "2017-10-11T00:29:00.333" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T03:28:17.983" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage."
} ,
{
"lang" : "es" ,
"value" : "Cumplimiento incorrecto de pol\u00edticas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes con acceso local o f\u00edsico omitan el cumplimiento de protecciones de integridad mediante la manipulaci\u00f3n del almacenamiento del firmware."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "LOCAL" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "HIGH" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 0.8 ,
"impactScore" : 6.0
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:P/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.4 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "LOCAL" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 3.4 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-269"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "28E7338F-E97C-4C2A-8320-0BAEA1FB365C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "91A1F20D-B5A6-4010-B94B-399329B426FC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D356830-1DBB-43DE-A7E9-6A777EE39FA8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "311F7D11-90D4-4702-9767-2C8540783937"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D6F051E-D237-4F87-B802-0DC0579E242F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E5F63727-A885-4D30-AF0D-7041160D807F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D44A0DD6-9FA9-4116-BB65-DC92F67412C4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "68B87539-80FB-4204-82AF-5284B6E16190"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "776638A5-1CB9-4706-A8DD-8DBEEC0F0A1A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "775C4FDA-94EE-47D7-8940-0FECC60DB1C8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3C540E10-88AA-4EFF-99DE-4BE606A1C734"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "46AC578B-5063-47D7-887C-040B7DDAE41B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EDF95B5C-C4EF-4CF3-84C7-4789F79F7AB5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A8293A0-3A36-41BF-AC70-CC48C5A93B8B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AFAE844D-523B-45EA-83D9-B97810245819"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FC2C1007-EC35-4624-9EF7-325EFB9D51A4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AF3DCB3E-C437-428C-AAFB-C5D57DD1443E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA87C97F-FC0B-42E2-8EBC-C39C778BD36F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "36E5D240-4014-44BC-8440-C92FABCB4417"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FFA85BEE-61CB-4033-B6B4-6A32AD1F2C67"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CA8FFEF7-5140-44F6-91CD-B9468F20692F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "08C0B75D-2A2C-4437-AE72-35BFB2C6F41A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F074D06A-B828-49EA-B1C2-0FCF71A83E4B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BBF75171-EF1D-4ADF-9125-4C9B4EF347CB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C28D8E17-7A98-4C5E-A9AB-5B56826460DF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B39A87F9-9C0B-4CD9-82EB-C7220F02BED9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2316FA59-3FAB-4D68-8016-F82649AA56A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A5C9EEAE-8DA8-485F-ACFE-062F8062DCFA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F4DEB05-EC57-465F-9721-BA2D82955982"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "468CF14F-D5F7-47EB-BCD1-628BBEBFD648"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "265BB588-1CB8-4F2C-B716-58FF6A6B0EB4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EBF91B19-0FA1-4CE8-B729-A09612466725"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0367FBB9-1E31-4BED-8E6F-AF4275D372AA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8361A20E-EB65-4C6C-9977-6A988D7414D0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0777E301-8278-4937-9B9C-0560985A1B85"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "73FE5A99-12CA-400F-9B7A-CCC477FF5192"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "509EE9C7-C13E-4EEC-ABC1-403B15A6DED0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE740CB3-7D90-4B00-B3FF-116B74EA5249"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CBE67A7F-9ABB-47D9-A576-4FE7E665477E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "21CBBF36-F05A-4190-9C11-6DA2B7CA503F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE611A09-0D29-4163-8616-7A7CC12C6ADC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7143E57A-504B-414B-B22C-F1C8FB929E22"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC5EC4E6-B529-48DC-9251-73633807E4A7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "22DDB889-967C-4924-8B5C-92B2D561E55A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EED1ABBA-E6F0-4E1C-A327-220508EBE960"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6915BBE5-8F58-4652-A5EC-B0153628F696"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3B550844-0CFE-465C-B383-05FA21253F1E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C80B6A2B-A318-4A6C-9EDE-C749019E911B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "11E0F74B-EEA3-4656-8CF2-318E0EA42183"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A860E39-FB9A-4288-99B0-2692995BCD1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F212139-E8B6-4CFE-856B-BCD9E2EBC1C4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A017F978-9BD3-4830-85EC-538F0E513F65"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA512D48-426B-4C13-809A-719AA2B241FF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://www.securityfocus.com/bid/101236" ,
"source" : "secure@intel.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr" ,
"source" : "secure@intel.com" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://www.securityfocus.com/bid/101236" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
