Intel® NUC BIOS SW SMI Call-Out

Intel ID: INTEL-SA-00110
Product family: Intel® NUC Kits
Impact of vulnerability: Elevation of Privilege
Severity rating: Important
Original release: Apr 17, 2018
Last revised: Apr 17, 2018
Summary:

This update will improve the security of system firmware for the below listed Intel NUC models.

Description:

Intel has identified a potential vulnerability in Intel NUC kits with insufficient input validation in system firmware that potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

Affected products:

Affected Platform
BIOS ID
Mitigated BIOS
Downloadcenter.intel.com link to BIOS
Kaby Lake Y i3
MKKBLY35.86A
MK0047
Kaby Lake Y i5 VPro
MKKBLi5v.86A
MKV0024
Apollo Lake
GKAPLCPX.86A
GK0041
Kaby Lake R i7
DNKBLi7v.86A
DN0039
Kaby Lake U i5 VPro
DNKBLi5v.86A
DN0039
Kaby Lake U i3
DNKBLi30.86A
DN0039
Kaby Lake Ui3, i5, i7
BNKBL357.86A
BN0062
Apollo Lake
AYAPLCEL.86A
AY0047
Skylake U i5
SYSKLi35.86A
SY0065
Skylake H i7
KYSKLi70.86A
KY0051
Broadwell U i3, i5, i7
RYBDWi35.86A
RY0369
Broadwell U i5 VPro
MYBDWi5v.86A
MYi50044
Broadwell U i3
MYBDWi30.86A
MYi30048
BayTrail-I
TYBYT10H.86A
TY0063
BayTrail-MD
FYBYT10H.86A
FY0063
Skylake Y i5 VPro
CCSKLm5v.86A
CCV0054
Skylake Y i3
CCSKLm30.86A
CC0054

Recommendations:

Intel highly recommends that users update to the latest firmware version (see table above).

Acknowledgements:

Intel would like to thank Embedi for reporting this issue and working with us on coordinated disclosure.

Revision history:

Revision Date Description
1.0 17-April-2018 Initial Release

CVE Name: CVE-2018-3612


Source: Intel Product Security Center