CVE-2017-5700 Information

Description

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK NUC7i3BNH NUC7i5BNK NUC7i5BNH NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/101241 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.4