CVE-2020-8742

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Published: Aug 13, 2020
Updated: Nov 16, 2025
CVE: CVE-2020-8742
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
intel / nuc8i7behga_firmware	-	becfl357.86a
intel / nuc8i7bekqa_firmware	-	becfl357.86a
intel / nuc8i3behfa_firmware	-	becfl357.86a
intel / nuc8i5behfa_firmware	-	becfl357.86a
intel / nuc8i5bekpa_firmware	-	becfl357.86a
intel / nuc8i3beh_firmware	-	becfl357.86a
intel / nuc8i3behs_firmware	-	becfl357.86a
intel / nuc8i3bek_firmware	-	becfl357.86a
intel / nuc8i5beh_firmware	-	becfl357.86a
intel / nuc8i5behs_firmware	-	becfl357.86a
intel / nuc8i5bek_firmware	-	becfl357.86a
intel / nuc8i7beh_firmware	-	becfl357.86a
intel / nuc8i7bek_firmware	-	becfl357.86a
intel / cd1c32gk_firmware	-	gkaplcpx.86a
intel / cd1c64gk_firmware	-	gkaplcpx.86a
intel / cd1p64gk_firmware	-	gkaplcpx.86a
intel / nuc8i7hnkqc_firmware	-	hnkbli70.86a
intel / nuc8i7hvkva_firmware	-	hnkbli70.86a
intel / nuc8i7hvkvaw_firmware	-	hnkbli70.86a
intel / nuc8i7hnk_firmware	-	hnkbli70.86a
intel / nuc8i7hvk_firmware	-	hnkbli70.86a
intel / nuc7i7dnbe_firmware	-	dnkbli7v.86a
intel / nuc7i7dnhe_firmware	-	dnkbli7v.86a
intel / nuc7i7dnke_firmware	-	dnkbli7v.86a
intel / nuc7i5dnkpc_firmware	-	dnkbli5v.86a
intel / nuc7i5dnbe_firmware	-	dnkbli5v.86a
intel / nuc7i5dnhe_firmware	-	dnkbli5v.86a
intel / nuc7i5dnke_firmware	-	dnkbli5v.86a
intel / nuc7i3dnhnc_firmware	-	dnkbli30.86a
intel / nuc7i3dnktc_firmware	-	dnkbli30.86a
intel / nuc7i3dnbe_firmware	-	dnkbli30.86a
intel / nuc7i3dnhe_firmware	-	dnkbli30.86a
intel / nuc7i3dnke_firmware	-	dnkbli30.86a
intel / stk2mv64cc_firmware	-	ccsklm5v.86a
intel / nuc6i7kyk_firmware	-	kyskli70.86a
intel / nuc7cjysal_firmware	-	jyglkcpx.86a
intel / nuc7cjyh_firmware	-	jyglkcpx.86a
intel / nuc7pjyh_firmware	-	jyglkcpx.86a
intel / nuc7i7bnhxg_firmware	-	bnkbl357.86a
intel / nuc7i7bnkq_firmware	-	bnkbl357.86a
intel / nuc7i3bnhxf_firmware	-	bnkbl357.86a
intel / nuc7i5bnhxf_firmware	-	bnkbl357.86a
intel / nuc7i5bnkp_firmware	-	bnkbl357.86a
intel / nuc7i3bnb_firmware	-	bnkbl357.86a
intel / nuc7i5bnb_firmware	-	bnkbl357.86a
intel / nuc7i7bnb_firmware	-	bnkbl357.86a
intel / nuc7i3bnh_firmware	-	bnkbl357.86a
intel / nuc7i3bnhx1_firmware	-	bnkbl357.86a
intel / nuc7i3bnk_firmware	-	bnkbl357.86a
intel / nuc7i5bnh_firmware	-	bnkbl357.86a
intel / nuc7i5bnhx1_firmware	-	bnkbl357.86a
intel / nuc7i5bnk_firmware	-	bnkbl357.86a
intel / nuc7i7bnh_firmware	-	bnkbl357.86a
intel / nuc7i7bnhx1_firmware	-	bnkbl357.86a
intel / nuc6cayh_firmware	-	ayaplcel.86a
intel / nuc6cays_firmware	-	ayaplcel.86a
intel / de3815tybe_firmware	-	tybyt20h.86a
intel / de3815tykhe_firmware	-	tybyt20h.86a
intel / de3815tybe_firmware	-	tybyt10h.86a
intel / de3815tykhe_firmware	-	tybyt10h.86a
intel / nuc5cpyh_firmware	-	pybswcel.86a
intel / nuc5pgyh_firmware	-	pybswcel.86a
intel / nuc5ppyh_firmware	-	pybswcel.86a
intel / nuc5i3ryh_firmware	-	pybswcel.86a
intel / nuc5i3ryhs_firmware	-	pybswcel.86a
intel / nuc5i3ryhsn_firmware	-	pybswcel.86a
intel / nuc5i3ryk_firmware	-	pybswcel.86a
intel / nuc5i5ryh_firmware	-	pybswcel.86a
intel / nuc5i5ryhs_firmware	-	pybswcel.86a
intel / nuc5i5ryk_firmware	-	pybswcel.86a
intel / nuc5i7ryh_firmware	-	pybswcel.86a
intel / nuc5i5mybe_firmware	-	mybdwi5v.86a
intel / nuc5i5myhe_firmware	-	mybdwi5v.86a
intel / nuc5i3mybe_firmware	-	mybdwi5v.86a
intel / nuc5i3myhe_firmware	-	mybdwi5v.86a

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00392.html

Vulnerability Database

308,681

CVE-2020-8742

Deep Security Visibility Without the Complexity