CVE-2020-0526

CVSS V2 Medium 4.6 CVSS V3 Medium 6.7
Description
Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
Overview
  • CVE ID
  • CVE-2020-0526
  • Assigner
  • secure@intel.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2020-03-12T21:15:13
  • Last Modified Date
  • 2020-03-18T15:27:10
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:intel:nuc_kit_nuc8i7bek_firmware:becfl357.86a.0077:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc8i7bek:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_enthusiast_pc_nuc8i7bekqa_firmware:becfl357.86a.0077:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_enthusiast_pc_nuc8i7bekqa:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hnk_firmware:hnkbli70.86a.0059:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_business_pc_nuc8i7hnkqc_firmware:hnkbli70.86a.0059:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_business_pc_nuc8i7hnkqc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:chaplcel.0047:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:chaplcel.0047:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_8_home_pc_nuc8i3cysm_firmware:cycnli35.86a.0044:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_8_home_pc_nuc8i3cysm:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i7dnke_firmware:dnkbli7v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i7dnhe_firmware:dnkbli7v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i7dnhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i5dnke_firmware:dnkbli5v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i5dnhe_firmware:dnkbli5v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i5dnhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i3dnke_firmware:dnkbli30.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i3dnke:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i3dnhe_firmware:dnkbli30.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc7i7dnbe_firmware:dnkbli7v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc7i7dnbe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc7i5dnbe_firmware:dnkbli5v.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc7i5dnbe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc7i3dnbe_firmware:dnkbli30.86a.0067:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc7i3dnbe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stk2m3w64cc_firmware:ccsklm30.86a.0062:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stk2m364cc_firmware:ccsklm30.86a.0062:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stk2m364cc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stk1a32sc_firmware:sc0045:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stk1a32sc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stk1aw32sc_firmware:sc0045:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6i7kyk_firmware:kyskli70.86a.0066:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_7_essential_pc_nuc7cjysal_firmware:jyglkcpx.86a.0053:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_7_essential_pc_nuc7cjysal:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7cjyh_firmware:jyglkcpx.86a.0053:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7pjyh_firmware:jyglkcpx.86a.0053:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7pjyh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i7bnh_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i5bnk_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i5bnk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i3bnh_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i3bnh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i5bnh_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i5bnh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i3bnk_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i3bnk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i7bnhx1_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i7bnhx1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i5bnhx1_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i5bnhx1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc7i3bnhx1_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc7i3bnhx1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_7_enthusiast_pc_nuc7i7bnhxg_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_7_enthusiast_pc_nuc7i7bnhxg:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_7_home_a_mini_pc_nuc7i5bnhxf_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_7_home_a_mini_pc_nuc7i5bnhxf:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_7_home_a_mini_pc_nuc7i3bnhxf_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_7_home_a_mini_pc_nuc7i3bnhxf:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_7_home_a_mini_pc_nuc7i5bnkp_firmware:bnkbl357.86a.0081:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_7_home_a_mini_pc_nuc7i5bnkp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6cays_firmware:ayaplcel.86a.0066:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6cayh_firmware:ayaplcel.86a.0066:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6cayh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_de3815tykhe_firmware:tybyt20h.86a.0024:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_de3815tykhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_de3815tybe_firmware:tybyt20h.86a.0024:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_de3815tybe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6i3syh_firmware:syskli35.86a.0072:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6i3syh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6i5syh_firmware:syskli35.86a.0072:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6i3syk_firmware:syskli35.86a.0072:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6i3syk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc6i5syk_firmware:syskli35.86a.0072:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc6i5syk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5pgyh_firmware:pybswcel.86a.0078:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5ppyh_firmware:pybswcel.86a.0078:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5ppyh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5cpyh_firmware:pybswcel.86a.0078:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i5ryk_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i5ryk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i3ryh_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i3ryh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i3ryhs_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i3ryhs:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i3ryhsn_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i3ryhsn:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i3ryk_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i3ryk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i5ryh_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i5ryh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i5ryhs_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i5ryhs:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i7ryh_firmware:rybdwi35.86a.0383:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i3myhe_firmware:mybdwi30.86a.0057:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_nuc5i5myhe_firmware:mybdwi5v.86a.0056:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc5i5mybe_firmware:mybdwi5v.86a.0056:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc5i5mybe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_nuc5i3mybe_firmware:mybdwi30.86a.0057:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_nuc5i3mybe:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_d54250wyk_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_d54250wyk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_d34010wyb_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_d34010wyb:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_board_d54250wyb_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_board_d54250wyb:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_d34010wyk_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_d34010wyk:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_d34010wykh_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_d34010wykh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:nuc_kit_d54250wykh_firmware:wylpt10h.86a.0054:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:nuc_kit_d54250wykh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stck1a32wfc_firmware:stck1a32wfc:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:compute_stick_stck1a8lfc_firmware:stck1a8lfc:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:intel:compute_stick_stck1a8lfc:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • LOCAL
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 4.6
  • Severity
  • MEDIUM
  • Exploitability Score
  • 3.9
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • LOW
  • Privileges Required
  • HIGH
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 6.7
  • Base Severity
  • MEDIUM
  • Exploitability Score
  • 0.8
  • Impact Score
  • 5.9
References
History
Created Old Value New Value Data Type Notes
2022-05-10 16:47:04 Added to TrackCVE
2022-12-04 12:44:38 2020-03-12T21:15Z 2020-03-12T21:15:13 CVE Published Date updated
2022-12-04 12:44:38 2020-03-18T15:27:10 CVE Modified Date updated
2022-12-04 12:44:38 Analyzed Vulnerability Status updated