CVE-2020-24525 – Insecure inherited permissions in firmware update tool for some Intel(R)

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24525

Reference (s):

• FULLDISC:20201116 Intel NUC – Local Privilege Escalation Vulnerability
• URL: http://seclists.org/fulldisclosure/2020/Nov/26
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414
• URL: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00414