1. Home
  2. CVE Database
  3. CVE-2017-3718
MEDIUM · 6.2

CVE-2017-3718

Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.

Vulnerability Description

Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Score

6.2

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelNuc Kit Firmware-
IntelNuc Kit D33217Gke-
IntelNuc Kit D53427Rke-
IntelNuc Kit D54250Wyb-
IntelNuc Kit De3815Tybe-
IntelNuc Kit Dn2820Fykh-
IntelNuc Kit Nuc5Cpyh-
IntelNuc Kit Nuc5I3Myhe-
IntelNuc Kit Nuc5I5Myhe-
IntelNuc Kit Nuc5I7Ryh-
IntelNuc Kit Nuc5Pgyh-
IntelNuc Kit Nuc6Cays-
IntelNuc Kit Nuc6I5Syh-
IntelNuc Kit Nuc6I7Kyk-
IntelNuc Kit Nuc7Cjyh-
IntelNuc Kit Nuc7I3Dnhe-
IntelNuc Kit Nuc7I5Dnke-
IntelNuc Kit Nuc7I7Bnh-
IntelNuc Kit Nuc7I7Dnke-
IntelNuc Kit Nuc8I7Hnk-

References

FAQ

What is CVE-2017-3718?

CVE-2017-3718 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.

How severe is CVE-2017-3718?

CVE-2017-3718 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-3718?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc Kit Firmware, Intel Nuc Kit D33217Gke, Intel Nuc Kit D53427Rke, Intel Nuc Kit D54250Wyb, Intel Nuc Kit De3815Tybe.