Lucene search

K
cve[email protected]CVE-2022-33176
HistoryNov 11, 2022 - 4:15 p.m.

CVE-2022-33176

2022-11-1116:15:15
CWE-20
web.nvd.nist.gov
24
4
cve-2022-33176
bios firmware
intel nuc
input validation
escalation of privilege
nvd

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

Improper input validation in BIOS firmware for some Intelยฎ NUC 11 Performance kits and Intelยฎ NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

NVD
Node
intelnuc_11_performance_kit_nuc11pahi30z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi30zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi50z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi50zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi70z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi70zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi3_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi3Match-
Node
intelnuc_11_performance_kit_nuc11pahi5_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi5Match-
Node
intelnuc_11_performance_kit_nuc11pahi7_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi7Match-
Node
intelnuc_11_performance_kit_nuc11paki3_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki3Match-
Node
intelnuc_11_performance_kit_nuc11paki5_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki5Match-
Node
intelnuc_11_performance_kit_nuc11paki7_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki7Match-
Node
intelnuc_11_performance_mini_pc_nuc11paqi50wa_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_mini_pc_nuc11paqi50waMatch-
Node
intelnuc_11_performance_mini_pc_nuc11paqi70qa_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_mini_pc_nuc11paqi70qaMatch-

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs",
    "versions": [
      {
        "version": "before version PATGL357.0042",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Social References

More

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

Related for CVE-2022-33176