CVE-2018-12176

Summary

CVE	CVE-2018-12176
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-09-12 19:29:00 UTC
Updated	2019-10-03 00:03:00 UTC
Description	Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Intel	Compute Card Cd1iv128mk	-	All	All	All
Hardware	Intel	Compute Card Cd1iv128mk	-	All	All	All
Hardware	Intel	Compute Card Cd1m3128mk	-	All	All	All
Hardware	Intel	Compute Card Cd1m3128mk	-	All	All	All
Hardware	Intel	Compute Card Cd1p64gk	-	All	All	All
Hardware	Intel	Compute Card Cd1p64gk	-	All	All	All
Operating System	Intel	Compute Card Firmware	-	All	All	All
Operating System	Intel	Compute Card Firmware	-	All	All	All
Operating System	Intel	Compute Stick Firmware	-	All	All	All
Operating System	Intel	Compute Stick Firmware	-	All	All	All
Hardware	Intel	Compute Stick Stck1a32wfc	-	All	All	All
Hardware	Intel	Compute Stick Stck1a32wfc	-	All	All	All
Hardware	Intel	Compute Stick Stk1aw32sc	-	All	All	All
Hardware	Intel	Compute Stick Stk1aw32sc	-	All	All	All
Hardware	Intel	Compute Stick Stk2m3w64cc	-	All	All	All
Hardware	Intel	Compute Stick Stk2m3w64cc	-	All	All	All
Hardware	Intel	Compute Stick Stk2mv64cc	-	All	All	All
Hardware	Intel	Compute Stick Stk2mv64cc	-	All	All	All
Hardware	Intel	Nuc Kit D33217gke	-	All	All	All
Hardware	Intel	Nuc Kit D33217gke	-	All	All	All
Hardware	Intel	Nuc Kit D53427rke	-	All	All	All
Hardware	Intel	Nuc Kit D53427rke	-	All	All	All
Hardware	Intel	Nuc Kit D54250wyb	-	All	All	All
Hardware	Intel	Nuc Kit D54250wyb	-	All	All	All
Hardware	Intel	Nuc Kit De3815tybe	-	All	All	All
Hardware	Intel	Nuc Kit De3815tybe	-	All	All	All
Hardware	Intel	Nuc Kit Dn2820fykh	-	All	All	All
Hardware	Intel	Nuc Kit Dn2820fykh	-	All	All	All
Operating System	Intel	Nuc Kit Firmware	-	All	All	All
Operating System	Intel	Nuc Kit Firmware	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5cpyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5cpyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i3myhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i3myhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i5myhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i5myhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i7ryh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5i7ryh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5pgyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc5pgyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6cays	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6cays	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6i5syh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6i5syh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6i7kyk	-	All	All	All
Hardware	Intel	Nuc Kit Nuc6i7kyk	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7cjyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7cjyh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i3dnhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i3dnhe	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i5dnke	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i5dnke	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i7bnh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i7bnh	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i7dnke	-	All	All	All
Hardware	Intel	Nuc Kit Nuc7i7dnke	-	All	All	All
Hardware	Intel	Nuc Kit Nuc8i7hnk	-	All	All	All
Hardware	Intel	Nuc Kit Nuc8i7hnk	-	All	All	All

References

Reference	Source	Link	Tags
INTEL-SA-00176	CONFIRM	www.intel.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.