{"containers": {"cna": {"affected": [{"product": "Intel(R) NUC Kits and Intel(R) Compute Cards", "vendor": "Intel Corporation", "versions": [{"status": "affected", "version": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."}]}], "datePublic": "2018-09-11T00:00:00", "descriptions": [{"lang": "en", "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."}], "problemTypes": [{"descriptions": [{"description": "Escalation of Privilege, Denial of Service, Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-12T18:57:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "DATE_PUBLIC": "2018-09-11T00:00:00", "ID": "CVE-2018-12176", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Intel(R) NUC Kits and Intel(R) Compute Cards", "version": {"version_data": [{"version_value": "Multiple Intel(R) NUC Kits and Intel(R) Compute Cards (see list in Intel advisory)."}]}}]}, "vendor_name": "Intel Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Escalation of Privilege, Denial of Service, Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:30:58.991Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2018-12176", "datePublished": "2018-09-12T19:00:00Z", "dateReserved": "2018-06-11T00:00:00", "dateUpdated": "2024-09-16T19:47:25.259Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_kit_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "71AA56A6-EB26-4A62-83EC-6961BC24D4DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_kit_d33217gke:-:*:*:*:*:*:*:*", "matchCriteriaId": "02BFB59F-D932-43E5-9A41-3AE3A9047DCE", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_d53427rke:-:*:*:*:*:*:*:*", "matchCriteriaId": "412647D8-EA12-4EE6-A2D3-71DDFD963BF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_d54250wyb:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8DB94BE-7F38-4029-954E-EFE1AC614798", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_de3815tybe:-:*:*:*:*:*:*:*", "matchCriteriaId": "F83FBC94-6D65-4A44-992D-2A5AECC59E49", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_dn2820fykh:-:*:*:*:*:*:*:*", "matchCriteriaId": "738AD9B2-1055-42D0-8D16-205340BE3BE7", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5cpyh:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EB62714-4F2E-4980-9898-BBC4B06085F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i3myhe:-:*:*:*:*:*:*:*", "matchCriteriaId": "97B8B238-D4DA-40A8-92CD-42B0EB6B1E2E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i5myhe:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB5226BE-680C-4915-AB23-EABC588DCC0B", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5i7ryh:-:*:*:*:*:*:*:*", "matchCriteriaId": "03D56B57-D4CD-47E9-AE86-B1307D3609B7", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc5pgyh:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9ED06A8-FABF-431E-A5F4-F1B50E1F51B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i5syh:-:*:*:*:*:*:*:*", "matchCriteriaId": "3892CA36-86BF-4861-8C32-657212EABC92", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc6i7kyk:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CC80B8F-D912-40D3-90AF-00DDF6A91AED", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*", "matchCriteriaId": "573F0989-6A34-4595-A298-EA1B88C61BD9", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3dnhe:-:*:*:*:*:*:*:*", "matchCriteriaId": "3143ABA5-9741-4CD2-AB9A-A7600EA6E32F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5dnke:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EF7E820-8567-4E9A-8247-5E1665FFF8BC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7dnke:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DFDFEB2-B10D-489E-B51C-10FA84E65858", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*", "matchCriteriaId": "244CD6EC-780A-405E-8CFA-666A666FF7D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:compute_card_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F811493-1AB4-47BC-B942-2E93A7349843", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:compute_card_cd1iv128mk:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFEA643F-FE21-45B0-AC74-D87D7D864D10", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:compute_card_cd1m3128mk:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1FA6131-F3C8-4B98-B4E8-C320C262F750", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:compute_card_cd1p64gk:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E3D93D1-5772-4806-9428-9AB26B32D210", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:compute_stick_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "202B4308-A49D-487D-A04D-FE34235F61C5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:compute_stick_stck1a32wfc:-:*:*:*:*:*:*:*", "matchCriteriaId": "E453448C-AA11-48E3-8423-60E62A10D0CA", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:compute_stick_stk1aw32sc:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A8B7517-4313-4DA8-953E-B36279157FC3", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:compute_stick_stk2m3w64cc:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9A90BE5-6136-43A9-BC91-9474D3D0EEF6", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access."}, {"lang": "es", "value": "Validaci\u00f3n de entradas incorrecta en el firmware para Intel NUC Kits podr\u00eda permitir que un usuario privilegiado ejecute c\u00f3digo arbitrario, lo que resulta en una divulgaci\u00f3n de informaci\u00f3n, escalado de privilegios y/o una denegaci\u00f3n de servicio (DoS) mediante acceso local."}], "id": "CVE-2018-12176", "lastModified": "2024-11-21T03:44:42.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-12T19:29:02.247", "references": [{"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00176.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}