1. Home
  2. CVE Database
  3. CVE-2020-0530
HIGH · 7.8

CVE-2020-0530

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in i...

Vulnerability Description

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelNuc Kit Nuc8I7Bek Firmwarebecfl357.86a.0077
IntelNuc Kit Nuc8I7Bek-
IntelNuc 8 Enthusiast Pc Nuc8I7Bekqa Firmwarebecfl357.86a.0077
IntelNuc 8 Enthusiast Pc Nuc8I7Bekqa-
IntelNuc Kit Nuc8I7Hnk Firmwarehnkbli70.86a.0059
IntelNuc Kit Nuc8I7Hnk-
IntelNuc 8 Business Pc Nuc8I7Hnkqc Firmwarehnkbli70.86a.0059
IntelNuc 8 Business Pc Nuc8I7Hnkqc-
IntelNuc 8 Mainstream-G Kit Nuc8I7Inh Firmwareinwhl357.0036
IntelNuc 8 Mainstream-G Kit Nuc8I7Inh-
IntelNuc 8 Mainstream-G Kit Nuc8I5Inh Firmwareinwhl357.0036
IntelNuc 8 Mainstream-G Kit Nuc8I5Inh-
IntelNuc 8 Mainstream-G Mini Pc Nuc8I7Inh Firmwareinwhl357.0036
IntelNuc 8 Mainstream-G Mini Pc Nuc8I7Inh-
IntelNuc 8 Rugged Kit Nuc8Cchkr Firmwarechaplcel.0047
IntelNuc 8 Rugged Kit Nuc8Cchkr-
IntelNuc Board Nuc8Cchb Firmwarechaplcel.0047
IntelNuc Board Nuc8Cchb-
IntelNuc 8 Home Pc Nuc8I3Cysm Firmwarecycnli35.86a.0044
IntelNuc 8 Home Pc Nuc8I3Cysm-

Related Weaknesses (CWE)

CWE-120

References

FAQ

What is CVE-2020-0530?

CVE-2020-0530 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in i...

How severe is CVE-2020-0530?

CVE-2020-0530 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-0530?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc Kit Nuc8I7Bek Firmware, Intel Nuc Kit Nuc8I7Bek, Intel Nuc 8 Enthusiast Pc Nuc8I7Bekqa Firmware, Intel Nuc 8 Enthusiast Pc Nuc8I7Bekqa, Intel Nuc Kit Nuc8I7Hnk Firmware.