← Back

CVE-2017-5700

nvd nist
Published: Oct 11, 2017Modified: May 13, 2026

JSON object

Loading...
8.4
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.5 / Impact: 5.9
Source: NVD

Description

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

Affected (50)

Intel
5 products
Nuc7i7bnh Firmware
Nuc7i5bnh Firmware
Nuc7i5bnk Firmware
Nuc7i3bnh Firmware
Nuc7i3bnk Firmware
Configuration A
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Intel
Nuc7i7bnh Firmware
Version ayaplcel.86a.0041
Nuc7i7bnh Firmware
Version bnkbl357.86a.0052
Nuc7i7bnh Firmware
Version ccsklm30.86a.0052
Nuc7i7bnh Firmware
Version ccsklm5v.86a.0052
Nuc7i7bnh Firmware
Version dnkbli30.86a.0026
Nuc7i7bnh Firmware
Version dnkbli5v.86a.0026
Nuc7i7bnh Firmware
Version kyskli70.86a.0050
Nuc7i7bnh Firmware
Version rybdwi35.86a.0366
Nuc7i7bnh Firmware
Version syskli35.86a.0062
Nuc7i7bnh Firmware
Version tybyt20h.86a.0015
Running on/withPlatform Versions
Intel
Nuc7i7bnh
All versions
Configuration B
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Intel
Nuc7i5bnh Firmware
Version ayaplcel.86a.0041
Nuc7i5bnh Firmware
Version bnkbl357.86a.0052
Nuc7i5bnh Firmware
Version ccsklm30.86a.0052
Nuc7i5bnh Firmware
Version ccsklm5v.86a.0052
Nuc7i5bnh Firmware
Version dnkbli30.86a.0026
Nuc7i5bnh Firmware
Version dnkbli5v.86a.0026
Nuc7i5bnh Firmware
Version kyskli70.86a.0050
Nuc7i5bnh Firmware
Version rybdwi35.86a.0366
Nuc7i5bnh Firmware
Version syskli35.86a.0062
Nuc7i5bnh Firmware
Version tybyt20h.86a.0015
Running on/withPlatform Versions
Intel
Nuc7i5bnh
All versions
Configuration C
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Intel
Nuc7i5bnk Firmware
Version ayaplcel.86a.0041
Nuc7i5bnk Firmware
Version bnkbl357.86a.0052
Nuc7i5bnk Firmware
Version ccsklm30.86a.0052
Nuc7i5bnk Firmware
Version ccsklm5v.86a.0052
Nuc7i5bnk Firmware
Version dnkbli30.86a.0026
Nuc7i5bnk Firmware
Version dnkbli5v.86a.0026
Nuc7i5bnk Firmware
Version kyskli70.86a.0050
Nuc7i5bnk Firmware
Version rybdwi35.86a.0366
Nuc7i5bnk Firmware
Version syskli35.86a.0062
Nuc7i5bnk Firmware
Version tybyt20h.86a.0015
Running on/withPlatform Versions
Intel
Nuc7i5bnk
All versions
Configuration D
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Intel
Nuc7i3bnh Firmware
Version ayaplcel.86a.0041
Nuc7i3bnh Firmware
Version bnkbl357.86a.0052
Nuc7i3bnh Firmware
Version ccsklm30.86a.0052
Nuc7i3bnh Firmware
Version ccsklm5v.86a.0052
Nuc7i3bnh Firmware
Version dnkbli30.86a.0026
Nuc7i3bnh Firmware
Version dnkbli5v.86a.0026
Nuc7i3bnh Firmware
Version kyskli70.86a.0050
Nuc7i3bnh Firmware
Version rybdwi35.86a.0366
Nuc7i3bnh Firmware
Version syskli35.86a.0062
Nuc7i3bnh Firmware
Version tybyt20h.86a.0015
Running on/withPlatform Versions
Intel
Nuc7i3bnh
All versions
Configuration E
10 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Intel
Nuc7i3bnk Firmware
Version ayaplcel.86a.0041
Nuc7i3bnk Firmware
Version bnkbl357.86a.0052
Nuc7i3bnk Firmware
Version ccsklm30.86a.0052
Nuc7i3bnk Firmware
Version ccsklm5v.86a.0052
Nuc7i3bnk Firmware
Version dnkbli30.86a.0026
Nuc7i3bnk Firmware
Version dnkbli5v.86a.0026
Nuc7i3bnk Firmware
Version kyskli70.86a.0050
Nuc7i3bnk Firmware
Version rybdwi35.86a.0366
Nuc7i3bnk Firmware
Version syskli35.86a.0062
Nuc7i3bnk Firmware
Version tybyt20h.86a.0015
Running on/withPlatform Versions
Intel
Nuc7i3bnk
All versions

Related CWEs

CWE-522
Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (4)

Source: secure@intel.com
Third Party AdvisoryVDB Entry
Source: secure@intel.com
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory

Timeline

No history available yet.