CVE-2020-0526

Home/CVE/Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of p

CVE

Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of p

Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html.

MEDIUM · CVSS 6.7 EPSS 0.00056

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-20Improper Input Validation

▤

Affected Products & Versions

intel nuc kit nuc8i7bek firmwareall versions
intel nuc 8 enthusiast pc nuc8i7bekqa firmwareall versions
intel nuc kit nuc8i7hnk firmwareall versions
intel nuc 8 business pc nuc8i7hnkqc firmwareall versions
intel nuc 8 mainstream-g kit nuc8i7inh firmwareall versions
intel nuc 8 mainstream-g kit nuc8i5inh firmwareall versions
intel nuc 8 mainstream-g mini pc nuc8i7inh firmwareall versions
intel nuc 8 rugged kit nuc8cchkr firmwareall versions
Show all 60 affected productsintel nuc board nuc8cchb firmwareall versions
intel nuc 8 home pc nuc8i3cysm firmwareall versions
intel nuc kit nuc7i7dnke firmwareall versions
intel nuc kit nuc7i7dnhe firmwareall versions
intel nuc kit nuc7i5dnke firmwareall versions
intel nuc kit nuc7i5dnhe firmwareall versions
intel nuc kit nuc7i3dnke firmwareall versions
intel nuc kit nuc7i3dnhe firmwareall versions
intel nuc board nuc7i7dnbe firmwareall versions
intel nuc board nuc7i5dnbe firmwareall versions
intel nuc board nuc7i3dnbe firmwareall versions
intel compute stick stk2m3w64cc firmwareall versions
intel compute stick stk2m364cc firmwareall versions
intel compute stick stk1a32sc firmwareall versions
intel compute stick stk1aw32sc firmwareall versions
intel nuc kit nuc6i7kyk firmwareall versions
intel nuc 7 essential pc nuc7cjysal firmwareall versions
intel nuc kit nuc7cjyh firmwareall versions
intel nuc kit nuc7pjyh firmwareall versions
intel nuc kit nuc7i7bnh firmwareall versions
intel nuc kit nuc7i5bnk firmwareall versions
intel nuc kit nuc7i3bnh firmwareall versions
intel nuc kit nuc7i5bnh firmwareall versions
intel nuc kit nuc7i3bnk firmwareall versions
intel nuc kit nuc7i7bnhx1 firmwareall versions
intel nuc kit nuc7i5bnhx1 firmwareall versions
intel nuc kit nuc7i3bnhx1 firmwareall versions
intel nuc 7 enthusiast pc nuc7i7bnhxg firmwareall versions
intel nuc 7 home a mini pc nuc7i5bnhxf firmwareall versions
intel nuc 7 home a mini pc nuc7i3bnhxf firmwareall versions
intel nuc 7 home a mini pc nuc7i5bnkp firmwareall versions
intel nuc kit nuc6cays firmwareall versions
intel nuc kit nuc6cayh firmwareall versions
intel nuc kit de3815tykhe firmwareall versions
intel nuc board de3815tybe firmwareall versions
intel nuc kit nuc6i3syh firmwareall versions
intel nuc kit nuc6i5syh firmwareall versions
intel nuc kit nuc6i3syk firmwareall versions
intel nuc kit nuc6i5syk firmwareall versions
intel nuc kit nuc5pgyh firmwareall versions
intel nuc kit nuc5ppyh firmwareall versions
intel nuc kit nuc5cpyh firmwareall versions
intel nuc kit nuc5i5ryk firmwareall versions
intel nuc kit nuc5i3ryh firmwareall versions
intel nuc kit nuc5i3ryhs firmwareall versions
intel nuc kit nuc5i3ryhsn firmwareall versions
intel nuc kit nuc5i3ryk firmwareall versions
intel nuc kit nuc5i5ryh firmwareall versions
intel nuc kit nuc5i5ryhs firmwareall versions
intel nuc kit nuc5i7ryh firmwareall versions
intel nuc kit nuc5i3myhe firmwareall versions
intel nuc kit nuc5i5myhe firmwareall versions

▣

Scoring & Timeline

6.7

MEDIUM · CVSS v3.1 · secure@intel.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD12 Mar 2020 · 09:15 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.htmlVendor Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin