CVE-2018-12176
https://notcve.org/view.php?id=CVE-2018-12176
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. Validación de entradas incorrecta en el firmware para Intel NUC Kits podría permitir que un usuario privilegiado ejecute código arbitrario, lo que resulta en una divulgación de información, escalado de privilegios y/o una denegación de servicio (DoS) mediante acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html • CWE-20: Improper Input Validation •
CVE-2017-5721
https://notcve.org/view.php?id=CVE-2017-5721
Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory. Insuficiente validación de entradas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes locales ejecuten código arbitrario mediante la manipulación de la memoria. • https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr • CWE-20: Improper Input Validation •
CVE-2017-5701
https://notcve.org/view.php?id=CVE-2017-5701
Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery. Configuración de la plataforma insegura en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que un atacante con presencia física ejecute código arbitrario mediante la modificación sin autorización del firmware durante BIOS Recovery. • http://www.securityfocus.com/bid/101257 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr •
CVE-2017-5700
https://notcve.org/view.php?id=CVE-2017-5700
Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage. Insuficiente protección del almacenamiento de contraseñas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes locales omitan las contraseñas Administrator y User mediante el acceso al almacenamiento de contraseñas. • http://www.securityfocus.com/bid/101241 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr • CWE-522: Insufficiently Protected Credentials •
CVE-2017-5722
https://notcve.org/view.php?id=CVE-2017-5722
Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage. Cumplimiento incorrecto de políticas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes con acceso local o físico omitan el cumplimiento de protecciones de integridad mediante la manipulación del almacenamiento del firmware. • http://www.securityfocus.com/bid/101236 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr • CWE-269: Improper Privilege Management •