CVE-2020-24525

7.8 HIGH

📋 TL;DR

This vulnerability in Intel NUC firmware update tools allows authenticated local users to escalate privileges due to insecure inherited permissions. Attackers could gain elevated system access by exploiting improper permission inheritance during firmware update operations. Affected users are those running vulnerable Intel NUC systems with the firmware update tool installed.

💻 Affected Systems

Products:
  • Intel NUC (Next Unit of Computing) systems with vulnerable firmware update tools
Versions: Specific firmware versions as listed in Intel advisory SA-00414
Operating Systems: Windows, Linux (where firmware update tools are installed)
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local authenticated access and the vulnerable firmware update tool to be present. Not all NUC models are affected - check Intel advisory for specific models.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with administrative/root privileges, allowing complete control over the affected system, installation of persistent malware, and lateral movement within the network.

🟠 Likely Case

Local privilege escalation to SYSTEM/root level, enabling installation of additional malware, credential theft, and bypassing security controls on the compromised host.

🟢 If Mitigated

Limited impact with proper access controls, user privilege separation, and network segmentation preventing lateral movement.

🌐 Internet-Facing: LOW - This vulnerability requires local authenticated access and cannot be exploited remotely over the internet.
🏢 Internal Only: HIGH - Significant risk in internal environments where authenticated users could exploit this to gain administrative privileges on their workstations or shared systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated local access. The vulnerability involves permission inheritance issues that could be exploited through standard file manipulation techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates as specified in Intel advisory SA-00414

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414

Restart Required: Yes

Instructions:

1. Visit Intel's security advisory SA-00414.
2. Identify your specific NUC model.
3. Download the appropriate firmware update from Intel's support site.
4. Run the firmware update tool following Intel's instructions.
5. Reboot the system as required.

🔧 Temporary Workarounds

Remove vulnerable firmware update tool (platforms: all)

Uninstall the vulnerable firmware update tool if it is not needed for regular operations.

Windows: Use 'Add or remove programs' to uninstall Intel firmware update tools
Linux: Use the package manager to remove intel-firmware-update packages

Restrict local user permissions (platforms: all)

Apply least-privilege principles to limit what authenticated users can do.

Windows: Use Group Policy to restrict standard user permissions
Linux: Configure the sudoers file to limit privilege escalation

🧯 If You Can't Patch

  • Implement strict access controls and limit local user privileges
  • Segment affected systems from critical network resources and monitor for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check Intel advisory SA-00414 for affected NUC models and firmware versions. On Windows, check the installed programs for Intel firmware update tools. On Linux, check the package manager for intel-firmware-update packages.

Check Version:

Windows: Check the BIOS/UEFI version in System Information (msinfo32).
Linux: Check dmesg or /sys/class/dmi/id/bios_version.

Verify Fix Applied:

Verify that the firmware version has been updated to the patched version using Intel's system information tools or the BIOS/UEFI settings. Confirm that the firmware update tool version matches the patched version listed in the advisory.
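As an added example (not from the page or from Intel), a read-only Python helper for the Linux side of the verification steps above: it reads the board and BIOS identity from /sys/class/dmi/id and lists entries under the firmware update tool's install directory that unprivileged users could modify, which is the weakness class (insecure inherited permissions) this advisory describes. The tool directory and the patched-version string are assumed placeholders.

```python
import os
import stat
from pathlib import Path

DMI_DIR = Path("/sys/class/dmi/id")  # Linux sysfs export of SMBIOS/DMI fields
# Placeholder: take the patched BIOS version for your NUC model from SA-00414.
FIXED_BIOS_VERSION = "<patched version from advisory>"
TOOL_DIR = Path("/opt/intel/nuc-firmware-update")  # assumed install path


def read_dmi(field, dmi_dir=DMI_DIR):
    """Return one DMI field (e.g. 'bios_version', 'board_name'), or None."""
    try:
        return (Path(dmi_dir) / field).read_text().strip()
    except OSError:
        return None


def writable_by_others(mode):
    """True if group or world may write: the bit an unprivileged local user
    would need to tamper with a file the tool later uses with privilege."""
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))


def audit_tree(root, owner_uid=0):
    """Return sorted relative paths under root that are group/world writable
    or not owned by owner_uid. Symlinks are skipped, not followed."""
    root = Path(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            st = path.lstat()
            if stat.S_ISLNK(st.st_mode):
                continue  # link mode bits are meaningless; check the target separately
            if writable_by_others(st.st_mode) or st.st_uid != owner_uid:
                findings.append(str(path.relative_to(root)))
    return sorted(findings)


def main():
    bios = read_dmi("bios_version")
    print(f"board: {read_dmi('board_name')}  bios: {bios}")
    if bios is not None and bios != FIXED_BIOS_VERSION:
        print("BIOS version differs from the advisory's patched version")
    if TOOL_DIR.is_dir():
        for hit in audit_tree(TOOL_DIR):
            print(f"weak permissions: {TOOL_DIR / hit}")
    else:
        print(f"{TOOL_DIR} not present (tool not installed, or a different path)")


if __name__ == "__main__":
    main()
```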

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Unauthorized access to firmware update directories
  • Suspicious process creation with elevated privileges

Network Indicators:

  • Unusual outbound connections from NUC systems post-exploitation
  • Lateral movement attempts from compromised NUC systems

SIEM Query:

(EventID=4688 AND ProcessName LIKE '%firmware%' AND NewProcessName LIKE '%cmd%') OR EventID=4672

Scope the query to hosts inventoried as NUC systems. The parentheses matter: without them the OR would return every 4672 event (special privileges assigned to a new logon) from every host, which is far too noisy on its own.
