How severe is CVE-2017-3718?

Medium severity. CVSS v3 base score is 6.2 out of 10.

Vulnerability in Intel Compute_card_cd1iv128mk

CVE-2017-3718

Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.

EPSS: 0.003 (23.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Compute_card_cd1iv128mk
Intel Compute_card_cd1m3128mk
Intel Compute_card_cd1p64gk
Intel Compute_card_firmware
Intel Compute_stick_firmware
Intel Compute_stick_stck1a32wfc
Intel Compute_stick_stk1aw32sc
Intel Compute_stick_stk2m3w64cc
Intel Compute_stick_stk2mv64cc
Intel Nuc_kit_d33217gke

References

secalert_us@oracle.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2017-3718?: CVE-2017-3718 is a medium-severity vulnerability in Intel Compute_card_cd1iv128mk. CVSS score: 6.2/10. Published 2019-01-10.
How severe is CVE-2017-3718?: Medium severity. CVSS v3 base score is 6.2 out of 10.