fkie_cve-2016-8103
Vulnerability from fkie_nvd
Published
2016-12-08 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/95012 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00057&languageid=en-fr | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95012 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00057&languageid=en-fr | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | city_bios | * | |
| intel | stk2m3w64cc | - | |
| intel | canyon_bios | * | |
| intel | nuc6i7kyb | - | |
| intel | canyon_bios | * | |
| intel | nuc5cpyh | - | |
| intel | nuc5pgyh | - | |
| intel | nuc5ppyh | - | |
| intel | city_bios | ccsklm30.86a | |
| intel | stk2mv64cc | - | |
| intel | canyon_bios | * | |
| intel | dn2820fyb | - | |
| intel | city_bios | * | |
| intel | stk2m3w64cc | - | |
| intel | swift_canyon_bios | * | |
| intel | nuc6i3syb | - | |
| intel | nuc6i5syb | - | |
| intel | citry_bios | * | |
| intel | stk1aw32sc | - | |
| intel | canyon_bios | * | |
| intel | nuc5i3mybe | - | |
| intel | canyon_bios | * | |
| intel | nuc5i3mybe | - | |
| intel | city_bios | * | |
| intel | stk1a32sc | - | |
| intel | stk1aw32sc | - | |
| intel | canyon_bios | * | |
| intel | nuc5i3ryb | - | |
| intel | nuc5i5ryb | - | |
| intel | nuc5i7rykh | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:city_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0CE04C-A5D0-471C-8B23-2D5B41D130D0",
"versionEndIncluding": "ccsklm5v.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "123782EB-5B44-492A-86B1-D10C03C89D64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07BD9752-DE75-4F3D-BB09-5A301D400C0E",
"versionEndIncluding": "kyskli70.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i7kyb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C68C682E-7C48-4CBC-B930-56EB93765480",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88D4C2C3-6CF9-4A18-9523-F29B9BA6C269",
"versionEndIncluding": "pybwcel.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc5cpyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEC08E1-22C7-4C2F-AB3E-1A65C09B1CFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc5pgyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA76A826-FA4E-4B1E-8B24-77799D3727DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc5ppyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83C621C2-6FA8-427F-BE2C-2DB6B5A910E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:city_bios:ccsklm30.86a:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F4857B-08FC-4516-BFB1-12A0021894C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497CA1C-A3CA-4CC4-8192-69DF58630575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D641BC47-E80C-4BA2-AD3E-3BC0DCC17069",
"versionEndIncluding": "fybyt10h.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:dn2820fyb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06AE2097-A3C0-4241-9B8D-540AD1E71A67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:city_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04A09FCF-F784-4DBC-9676-9ACDCC5101F2",
"versionEndIncluding": "ccsklm30.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "123782EB-5B44-492A-86B1-D10C03C89D64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:swift_canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA69CC5-704E-492E-B5DD-EB7C62735057",
"versionEndIncluding": "syskli35.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc6i3syb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2399979E-026B-4A1B-953F-CEE188ECB305",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc6i5syb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C1CE90-5183-49B9-A477-3B78D186DC70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:citry_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C730B3C5-6F79-49FA-8A17-D818D8776DA3",
"versionEndIncluding": "scchtax5.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk1aw32sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7E1240-3DAB-40A1-A7C5-20FDBFC344A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2620DC57-3EAE-4026-A378-66D338886F60",
"versionEndIncluding": "mybdwi5v.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc5i3mybe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3371249-3123-49D8-80C1-A2EFFF1FC859",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9AAD87-59E0-4708-87E8-26931FA088AF",
"versionEndIncluding": "mybdwi30.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc5i3mybe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3371249-3123-49D8-80C1-A2EFFF1FC859",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:city_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A14C8D9-1F2F-4519-B645-693B51F06A52",
"versionEndIncluding": "scchtax5.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk1a32sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A109261-534E-4D0C-B94A-2194CBF2FF13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:stk1aw32sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7E1240-3DAB-40A1-A7C5-20FDBFC344A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:canyon_bios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21A69392-379C-43BF-8BB6-5BBC6AE3E588",
"versionEndIncluding": "rybdwi35.86a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc5i3ryb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB003BB8-022A-4DDB-A025-38363EDCEB17",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc5i5ryb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F6B597-D173-4F9E-A6BB-3E7E56251A4A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:nuc5i7rykh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E95E0035-96A5-40D8-BE5B-1DF95EC25687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform."
},
{
"lang": "es",
"value": "Llamada SMM en todos los Intel Branded NUC Kits permite a usuarios locales privilegiados acceder al System Management Mode y tomar el control completo de la plataforma."
}
],
"id": "CVE-2016-8103",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-12-08T17:59:01.583",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95012"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00057\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00057\u0026languageid=en-fr"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…