Strix
26.1K

CVE-2017-5701

UnknownEPSS 0.33%

Last modified

CVE-2017-5701 is a vulnerability of currently unknown severity. Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.. EPSS estimates a 0.33% chance of exploitation in the next 30 days.

Description

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.

Metrics

EPSS Probability
0.33%

24.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IntelNuc7i7bnh Firmwareayaplcel.86a.0041
IntelNuc7i7bnh Firmwarebnkbl357.86a.0052
IntelNuc7i7bnh Firmwareccsklm5v.86a.0052
IntelNuc7i7bnh Firmwareccsklm30.86a.0052
IntelNuc7i7bnh Firmwarednkbli5v.86a.0026
IntelNuc7i7bnh Firmwarednkbli30.86a.0026
IntelNuc7i7bnh Firmwarekyskli70.86a.0050
IntelNuc7i7bnh Firmwarerybdwi35.86a.0366
IntelNuc7i7bnh Firmwaresyskli35.86a.0062
IntelNuc7i7bnh Firmwaretybyt20h.86a.0015
IntelNuc7i5bnh Firmwareayaplcel.86a.0041
IntelNuc7i5bnh Firmwarebnkbl357.86a.0052
IntelNuc7i5bnh Firmwareccsklm5v.86a.0052
IntelNuc7i5bnh Firmwareccsklm30.86a.0052
IntelNuc7i5bnh Firmwarednkbli5v.86a.0026
IntelNuc7i5bnh Firmwarednkbli30.86a.0026
IntelNuc7i5bnh Firmwarekyskli70.86a.0050
IntelNuc7i5bnh Firmwarerybdwi35.86a.0366
IntelNuc7i5bnh Firmwaresyskli35.86a.0062
IntelNuc7i5bnh Firmwaretybyt20h.86a.0015
IntelNuc7i5bnk Firmwareayaplcel.86a.0041
IntelNuc7i5bnk Firmwarebnkbl357.86a.0052
IntelNuc7i5bnk Firmwareccsklm5v.86a.0052
IntelNuc7i5bnk Firmwareccsklm30.86a.0052
IntelNuc7i5bnk Firmwarednkbli5v.86a.0026
IntelNuc7i5bnk Firmwarednkbli30.86a.0026
IntelNuc7i5bnk Firmwarekyskli70.86a.0050
IntelNuc7i5bnk Firmwarerybdwi35.86a.0366
IntelNuc7i5bnk Firmwaresyskli35.86a.0062
IntelNuc7i5bnk Firmwaretybyt20h.86a.0015
IntelNuc7i3bnh Firmwareayaplcel.86a.0041
IntelNuc7i3bnh Firmwarebnkbl357.86a.0052
IntelNuc7i3bnh Firmwareccsklm5v.86a.0052
IntelNuc7i3bnh Firmwareccsklm30.86a.0052
IntelNuc7i3bnh Firmwarednkbli5v.86a.0026
IntelNuc7i3bnh Firmwarednkbli30.86a.0026
IntelNuc7i3bnh Firmwarekyskli70.86a.0050
IntelNuc7i3bnh Firmwarerybdwi35.86a.0366
IntelNuc7i3bnh Firmwaresyskli35.86a.0062
IntelNuc7i3bnh Firmwaretybyt20h.86a.0015
IntelNuc7i3bnk Firmwareayaplcel.86a.0041
IntelNuc7i3bnk Firmwarebnkbl357.86a.0052
IntelNuc7i3bnk Firmwareccsklm5v.86a.0052
IntelNuc7i3bnk Firmwareccsklm30.86a.0052
IntelNuc7i3bnk Firmwarednkbli5v.86a.0026
IntelNuc7i3bnk Firmwarednkbli30.86a.0026
IntelNuc7i3bnk Firmwarekyskli70.86a.0050
IntelNuc7i3bnk Firmwarerybdwi35.86a.0366
IntelNuc7i3bnk Firmwaresyskli35.86a.0062
IntelNuc7i3bnk Firmwaretybyt20h.86a.0015

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-5701?
Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.
How severe is CVE-2017-5701?
Severity scoring for CVE-2017-5701 is pending analysis. The EPSS model estimates a 0.33% probability of exploitation in the next 30 days.
How do I fix CVE-2017-5701?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-5701?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST