CVE-2020-0526

Name: CVE-2020-0526
Creator: NVD / NIST
Published: 2020-03-12T21:15:13.937+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.7/10EPSS 0.34%

Last modified Jun 17, 2026

CVE-2020-0526 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html. EPSS estimates a 0.34% chance of exploitation in the next 30 days.

Description

Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html

Metrics

CVSS 3.1

6.7/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.34%

25.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Intel	Nuc Kit Nuc8i7bek Firmware	becfl357.86a.0077
Intel	Nuc 8 Enthusiast Pc Nuc8i7bekqa Firmware	becfl357.86a.0077
Intel	Nuc Kit Nuc8i7hnk Firmware	hnkbli70.86a.0059
Intel	Nuc 8 Business Pc Nuc8i7hnkqc Firmware	hnkbli70.86a.0059
Intel	Nuc 8 Mainstream-G Kit Nuc8i7inh Firmware	inwhl357.0036
Intel	Nuc 8 Mainstream-G Kit Nuc8i5inh Firmware	inwhl357.0036
Intel	Nuc 8 Mainstream-G Mini Pc Nuc8i7inh Firmware	inwhl357.0036
Intel	Nuc 8 Rugged Kit Nuc8cchkr Firmware	chaplcel.0047
Intel	Nuc Board Nuc8cchb Firmware	chaplcel.0047
Intel	Nuc 8 Home Pc Nuc8i3cysm Firmware	cycnli35.86a.0044
Intel	Nuc Kit Nuc7i7dnke Firmware	dnkbli7v.86a.0067
Intel	Nuc Kit Nuc7i7dnhe Firmware	dnkbli7v.86a.0067
Intel	Nuc Kit Nuc7i5dnke Firmware	dnkbli5v.86a.0067
Intel	Nuc Kit Nuc7i5dnhe Firmware	dnkbli5v.86a.0067
Intel	Nuc Kit Nuc7i3dnke Firmware	dnkbli30.86a.0067
Intel	Nuc Kit Nuc7i3dnhe Firmware	dnkbli30.86a.0067
Intel	Nuc Board Nuc7i7dnbe Firmware	dnkbli7v.86a.0067
Intel	Nuc Board Nuc7i5dnbe Firmware	dnkbli5v.86a.0067
Intel	Nuc Board Nuc7i3dnbe Firmware	dnkbli30.86a.0067
Intel	Compute Stick Stk2m3w64cc Firmware	ccsklm30.86a.0062
Intel	Compute Stick Stk2m364cc Firmware	ccsklm30.86a.0062
Intel	Compute Stick Stk1a32sc Firmware	sc0045
Intel	Compute Stick Stk1aw32sc Firmware	sc0045
Intel	Nuc Kit Nuc6i7kyk Firmware	kyskli70.86a.0066
Intel	Nuc 7 Essential Pc Nuc7cjysal Firmware	jyglkcpx.86a.0053
Intel	Nuc Kit Nuc7cjyh Firmware	jyglkcpx.86a.0053
Intel	Nuc Kit Nuc7pjyh Firmware	jyglkcpx.86a.0053
Intel	Nuc Kit Nuc7i7bnh Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i5bnk Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i3bnh Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i5bnh Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i3bnk Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i7bnhx1 Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i5bnhx1 Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc7i3bnhx1 Firmware	bnkbl357.86a.0081
Intel	Nuc 7 Enthusiast Pc Nuc7i7bnhxg Firmware	bnkbl357.86a.0081
Intel	Nuc 7 Home A Mini Pc Nuc7i5bnhxf Firmware	bnkbl357.86a.0081
Intel	Nuc 7 Home A Mini Pc Nuc7i3bnhxf Firmware	bnkbl357.86a.0081
Intel	Nuc 7 Home A Mini Pc Nuc7i5bnkp Firmware	bnkbl357.86a.0081
Intel	Nuc Kit Nuc6cays Firmware	ayaplcel.86a.0066
Intel	Nuc Kit Nuc6cayh Firmware	ayaplcel.86a.0066
Intel	Nuc Kit De3815tykhe Firmware	tybyt20h.86a.0024
Intel	Nuc Board De3815tybe Firmware	tybyt20h.86a.0024
Intel	Nuc Kit Nuc6i3syh Firmware	syskli35.86a.0072
Intel	Nuc Kit Nuc6i5syh Firmware	syskli35.86a.0072
Intel	Nuc Kit Nuc6i3syk Firmware	syskli35.86a.0072
Intel	Nuc Kit Nuc6i5syk Firmware	syskli35.86a.0072
Intel	Nuc Kit Nuc5pgyh Firmware	pybswcel.86a.0078
Intel	Nuc Kit Nuc5ppyh Firmware	pybswcel.86a.0078
Intel	Nuc Kit Nuc5cpyh Firmware	pybswcel.86a.0078

Showing 50 of 70 affected configurations. See NVD for the full list.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.htmlVendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.htmlVendor Advisory

Timeline

Published: Mar 12, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-0526?

How severe is CVE-2020-0526?

CVE-2020-0526 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.

How do I fix CVE-2020-0526?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-0526?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST