Intel released new firmware updates for its NUC (Next Unit of Computing) mini PC product line addressing several high-severity security vulnerabilities. The patches were released via Intel's security advisory INTEL-SA-00241 and cover multiple NUC generations.
The Vulnerabilities
The most significant vulnerability, CVE-2019-11140, is a potential security issue in the NUC system firmware that could allow an attacker with local access to the machine to escalate privileges, cause a denial of service condition, or potentially disclose sensitive information. The CVSS score for this vulnerability was rated as high severity.
Additional vulnerabilities addressed in the same update include issues affecting Intel Compute Sticks and other compact computing form factors in the Intel NUC family.
Affected Products
The vulnerabilities affect a wide range of Intel NUC kit generations. Intel recommends that all NUC owners update to the latest BIOS firmware version for their specific model. The firmware updates are available through Intel's Download Center and through the BIOS update utility built into affected systems.
How to Update Your Intel NUC
Intel recommends using their Express BIOS Update utility for the simplest update path:
- Visit the Intel Download Center and locate the firmware for your NUC model
- Download the Express BIOS Update (.exe for Windows or .bio for other methods)
- Run the update utility and follow the on-screen instructions
- Your NUC will restart automatically to apply the firmware update
Intel NUCs are popular compact desktop computers used in both home and business environments. If your business uses Intel NUCs and you're not sure whether your firmware is up to date, contact Landshark IT — we handle patch management as part of our managed services plans and can audit and update your NUC fleet.