CVE-2020-12336: Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected

23 ranges

Vendor	Product	Version range	Fixed in
intel	nuc_8_mainstream-g_kit_nuc8i5inh_firmware	—	—
intel	nuc_8_mainstream-g_kit_nuc8i7inh_firmware	—	—
intel	nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware	—	—
intel	nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware	—	—
intel	nuc_8_pro_board_nuc8i3pnb_firmware	—	—
intel	nuc_8_pro_kit_nuc8i3pnh_firmware	—	—
intel	nuc_8_pro_kit_nuc8i3pnk_firmware	—	—
intel	nuc_8_pro_mini_pc_nuc8i3pnk_firmware	—	—
intel	nuc_8_rugged_kit_nuc8cchkr_firmware	—	—
intel	nuc_9_pro_kit_nuc9v7qnx_firmware	—	—
intel	nuc_9_pro_kit_nuc9vxqnx_firmware	—	—
intel	nuc_board_h27002-400_firmware	—	—
intel	nuc_board_h27002-401_firmware	—	—
intel	nuc_board_h27002-402_firmware	—	—
intel	nuc_board_h27002-404_firmware	—	—
intel	nuc_board_h27002-500_firmware	—	—
intel	nuc_board_nuc8cchb_firmware	—	—
intel	nuc_kit_h26998-401_firmware	—	—
intel	nuc_kit_h26998-402_firmware	—	—
intel	nuc_kit_h26998-403_firmware	—	—
intel	nuc_kit_h26998-404_firmware	—	—
intel	nuc_kit_h26998-405_firmware	—	—
intel	nuc_kit_h26998-500_firmware	—	—