Vulnerability Details : CVE-2017-5685
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.
Products affected by CVE-2017-5685
- cpe:2.3:o:intel:nuc6i7kyk_bios:kyskli70.86a.0042.2016.0929.1933:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-5685
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-5685
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
3.9
|
LOW | CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.3
|
3.6
|
NIST |
CWE ids for CVE-2017-5685
-
During installation, installed file permissions are set to allow anyone to modify those files.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5685
-
http://www.securityfocus.com/bid/97408
Intel NUC and Compute Stick DCI Multiple Local Information Disclosure VulnerabilitiesThird Party Advisory;VDB Entry
-
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr
INTEL-SA-00073Vendor Advisory
Jump to