CVE-2016-8103
medium
CVSS v3
6.7
CVSS v4 NEW
โ
VIR risk
6.7
Description
SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform.
Predictions
Exploit likelihood
66%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| intel | city_bios | {"endIncluding":"ccsklm5v.86a"} | |
| intel | stk2m3w64cc | - | |
| intel | canyon_bios | {"endIncluding":"kyskli70.86a"} | |
| intel | nuc6i7kyb | - | |
| intel | canyon_bios | {"endIncluding":"pybwcel.86a"} | |
| intel | nuc5cpyh | - | |
| intel | nuc5pgyh | - | |
| intel | nuc5ppyh | - | |
| intel | city_bios | ccsklm30.86a | |
| intel | stk2mv64cc | - | |
| intel | canyon_bios | {"endIncluding":"fybyt10h.86a"} | |
| intel | dn2820fyb | - | |
| intel | city_bios | {"endIncluding":"ccsklm30.86a"} | |
| intel | swift_canyon_bios | {"endIncluding":"syskli35.86a"} | |
| intel | nuc6i3syb | - | |
| intel | nuc6i5syb | - | |
| intel | citry_bios | {"endIncluding":"scchtax5.86a"} | |
| intel | stk1aw32sc | - | |
| intel | canyon_bios | {"endIncluding":"mybdwi5v.86a"} | |
| intel | nuc5i3mybe | - | |
| intel | canyon_bios | {"endIncluding":"mybdwi30.86a"} | |
| intel | city_bios | {"endIncluding":"scchtax5.86a"} | |
| intel | stk1a32sc | - | |
| intel | canyon_bios | {"endIncluding":"rybdwi35.86a"} | |
| intel | nuc5i3ryb | - | |
| intel | nuc5i5ryb | - | |
| intel | nuc5i7rykh | - | |
References
CWEs
CWE-264
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.