Lucene search
HistoryNov 11, 2022 - 4:15 p.m.
CVE-2021-33164
bios firmware
intel nucs
access control
cve-2021-33164
privilege escalation
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.7%
Improper access control in BIOS firmware for some Intelยฎ NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelnuc_8_mainstream-g_kit_nuc8i7inh_firmwareRange<inwhl357.0046
intelnuc_8_mainstream-g_kit_nuc8i7inhMatch-
Node
intelnuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwareRange<inwhl357.0046
intelnuc_8_mainstream-g_mini_pc_nuc8i7inhMatch-
Node
intelnuc_8_mainstream-g_kit_nuc8i5inh_firmwareRange<inwhl357.0046
intelnuc_8_mainstream-g_kit_nuc8i5inhMatch-
Node
intelnuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwareRange<inwhl357.0046
intelnuc_8_mainstream-g_mini_pc_nuc8i5inhMatch-
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) NUCs",
"versions": [
{
"version": "before version INWHL357.0046",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Social References
More
Related
prion
prion
Improper access control
2022-11-11 16:15:00
cert
cert
Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
2022-11-08 00:00:00
cvelist
cvelist
CVE-2021-33164
2022-11-11 15:48:49
nvd
nvd
CVE-2021-33164
2022-11-11 16:15:11
f5
f5
K51494034 : Intel NUC BIOS firmware vulnerability CVE-2021-33164
2022-11-16 00:00:00
intel
intel
Intelยฎ NUC Firmware Advisory
2023-02-16 00:00:00
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2021-33164