CVE-2017-5722

{"id": "CVE-2017-5722", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.8}]}, "published": "2017-10-11T00:29:00.333", "references": [{"url": "http://www.securityfocus.com/bid/101236", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@intel.com"}, {"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr", "tags": ["Patch", "Third Party Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage."}, {"lang": "es", "value": "Cumplimiento incorrecto de pol\u00edticas en el firmware del sistema para Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH en versiones BN0049 e inferiores permite que atacantes con acceso local o f\u00edsico omitan el cumplimiento de protecciones de integridad mediante la manipulaci\u00f3n del almacenamiento del firmware."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E7338F-E97C-4C2A-8320-0BAEA1FB365C"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91A1F20D-B5A6-4010-B94B-399329B426FC"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D356830-1DBB-43DE-A7E9-6A777EE39FA8"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "311F7D11-90D4-4702-9767-2C8540783937"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D6F051E-D237-4F87-B802-0DC0579E242F"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5F63727-A885-4D30-AF0D-7041160D807F"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D44A0DD6-9FA9-4116-BB65-DC92F67412C4"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68B87539-80FB-4204-82AF-5284B6E16190"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "776638A5-1CB9-4706-A8DD-8DBEEC0F0A1A"}, {"criteria": "cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "775C4FDA-94EE-47D7-8940-0FECC60DB1C8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ACBE1C0D-69EF-45B5-9E70-C4DBD0A401BF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C540E10-88AA-4EFF-99DE-4BE606A1C734"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46AC578B-5063-47D7-887C-040B7DDAE41B"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDF95B5C-C4EF-4CF3-84C7-4789F79F7AB5"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A8293A0-3A36-41BF-AC70-CC48C5A93B8B"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFAE844D-523B-45EA-83D9-B97810245819"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC2C1007-EC35-4624-9EF7-325EFB9D51A4"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF3DCB3E-C437-428C-AAFB-C5D57DD1443E"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA87C97F-FC0B-42E2-8EBC-C39C778BD36F"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36E5D240-4014-44BC-8440-C92FABCB4417"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFA85BEE-61CB-4033-B6B4-6A32AD1F2C67"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA8FFEF7-5140-44F6-91CD-B9468F20692F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08C0B75D-2A2C-4437-AE72-35BFB2C6F41A"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F074D06A-B828-49EA-B1C2-0FCF71A83E4B"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBF75171-EF1D-4ADF-9125-4C9B4EF347CB"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C28D8E17-7A98-4C5E-A9AB-5B56826460DF"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B39A87F9-9C0B-4CD9-82EB-C7220F02BED9"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2316FA59-3FAB-4D68-8016-F82649AA56A0"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5C9EEAE-8DA8-485F-ACFE-062F8062DCFA"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F4DEB05-EC57-465F-9721-BA2D82955982"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "468CF14F-D5F7-47EB-BCD1-628BBEBFD648"}, {"criteria": "cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "265BB588-1CB8-4F2C-B716-58FF6A6B0EB4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBF91B19-0FA1-4CE8-B729-A09612466725"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0367FBB9-1E31-4BED-8E6F-AF4275D372AA"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8361A20E-EB65-4C6C-9977-6A988D7414D0"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0777E301-8278-4937-9B9C-0560985A1B85"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73FE5A99-12CA-400F-9B7A-CCC477FF5192"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "509EE9C7-C13E-4EEC-ABC1-403B15A6DED0"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE740CB3-7D90-4B00-B3FF-116B74EA5249"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBE67A7F-9ABB-47D9-A576-4FE7E665477E"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21CBBF36-F05A-4190-9C11-6DA2B7CA503F"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE611A09-0D29-4163-8616-7A7CC12C6ADC"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7143E57A-504B-414B-B22C-F1C8FB929E22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC5EC4E6-B529-48DC-9251-73633807E4A7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22DDB889-967C-4924-8B5C-92B2D561E55A"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EED1ABBA-E6F0-4E1C-A327-220508EBE960"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6915BBE5-8F58-4652-A5EC-B0153628F696"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B550844-0CFE-465C-B383-05FA21253F1E"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C80B6A2B-A318-4A6C-9EDE-C749019E911B"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11E0F74B-EEA3-4656-8CF2-318E0EA42183"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A860E39-FB9A-4288-99B0-2692995BCD1B"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F212139-E8B6-4CFE-856B-BCD9E2EBC1C4"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A017F978-9BD3-4830-85EC-538F0E513F65"}, {"criteria": "cpe:2.3:o:intel:nuc7i3bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA512D48-426B-4C13-809A-719AA2B241FF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A810CE8E-3B2C-458D-BAE4-BA3AEC4FA5CA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secure@intel.com"}