CVE-2017-5701 | Vulnerability Database | Aqua Security

Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary code via unauthorized firmware modification during BIOS Recovery.

Affected Software

Name	Vendor	Start Version	End Version
Nuc7i7bnh_firmware	Intel	ayaplcel.86a.0041 (including)	ayaplcel.86a.0041 (including)
Nuc7i7bnh_firmware	Intel	bnkbl357.86a.0052 (including)	bnkbl357.86a.0052 (including)
Nuc7i7bnh_firmware	Intel	ccsklm5v.86a.0052 (including)	ccsklm5v.86a.0052 (including)
Nuc7i7bnh_firmware	Intel	ccsklm30.86a.0052 (including)	ccsklm30.86a.0052 (including)
Nuc7i7bnh_firmware	Intel	dnkbli5v.86a.0026 (including)	dnkbli5v.86a.0026 (including)
Nuc7i7bnh_firmware	Intel	dnkbli30.86a.0026 (including)	dnkbli30.86a.0026 (including)
Nuc7i7bnh_firmware	Intel	kyskli70.86a.0050 (including)	kyskli70.86a.0050 (including)
Nuc7i7bnh_firmware	Intel	rybdwi35.86a.0366 (including)	rybdwi35.86a.0366 (including)
Nuc7i7bnh_firmware	Intel	syskli35.86a.0062 (including)	syskli35.86a.0062 (including)
Nuc7i7bnh_firmware	Intel	tybyt20h.86a.0015 (including)	tybyt20h.86a.0015 (including)

References

http://www.securityfocus.com/bid/101257
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084\u0026languageid=en-fr

NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-5701
CWE	https://cwe.mitre.org/data/definitions/.html