{"api_version":"1","generated_at":"2026-04-23T18:03:12+00:00","cve":"CVE-2017-5685","urls":{"html":"https://cve.report/CVE-2017-5685","api":"https://cve.report/api/cve/CVE-2017-5685.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-5685","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-5685"},"summary":{"title":"CVE-2017-5685","description":"The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.","state":"PUBLIC","assigner":"secure@intel.com","published_at":"2017-04-03 21:59:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["CWE-276"],"metrics":[],"references":[{"url":"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr","name":"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Intel® Product Security Center","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/97408","name":"97408","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Intel NUC and Compute Stick DCI Multiple Local Information Disclosure Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-5685","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5685","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"5685","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"intel","cpe5":"nuc6i7kyk","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"5685","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"intel","cpe5":"nuc6i7kyk","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"5685","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"intel","cpe5":"nuc6i7kyk_bios","cpe6":"kyskli70.86a.0042.2016.0929.1933","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"5685","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"intel","cpe5":"nuc6i7kyk_bios","cpe6":"kyskli70.86a.0042.2016.0929.1933","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@intel.com","ID":"CVE-2017-5685","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Intel NUC NUC6i7KYK","version":{"version_data":[{"version_value":"Before KY0045"}]}}]},"vendor_name":"Intel"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Information Disclosure"}]}]},"references":{"reference_data":[{"name":"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr","refsource":"CONFIRM","url":"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00073&languageid=en-fr"},{"name":"97408","refsource":"BID","url":"http://www.securityfocus.com/bid/97408"}]}},"nvd":{"publishedDate":"2017-04-03 21:59:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["CWE-276"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":3.9,"baseSeverity":"LOW"},"exploitabilityScore":0.3,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:intel:nuc6i7kyk_bios:kyskli70.86a.0042.2016.0929.1933:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"5685","Ordinal":"102267","Title":"CVE-2017-5685","CVE":"CVE-2017-5685","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"5685","Ordinal":"1","NoteData":"The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"5685","Ordinal":"2","NoteData":"2017-04-03","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"5685","Ordinal":"3","NoteData":"2017-04-06","Type":"Other","Title":"Modified"}]}}}