Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-33176
HistoryNov 11, 2022 - 4:15 p.m.

CVE-2022-33176

2022-11-1116:15:15
CWE-20
[email protected]
web.nvd.nist.gov
25
4
cve-2022-33176
bios firmware
intel nuc
input validation
escalation of privilege
nvd

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

Improper input validation in BIOS firmware for some Intelยฎ NUC 11 Performance kits and Intelยฎ NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

NVD
Node
intelnuc_11_performance_kit_nuc11pahi30z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi30zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi50z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi50zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi70z_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi70zMatch-
Node
intelnuc_11_performance_kit_nuc11pahi3_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi3Match-
Node
intelnuc_11_performance_kit_nuc11pahi5_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi5Match-
Node
intelnuc_11_performance_kit_nuc11pahi7_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11pahi7Match-
Node
intelnuc_11_performance_kit_nuc11paki3_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki3Match-
Node
intelnuc_11_performance_kit_nuc11paki5_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki5Match-
Node
intelnuc_11_performance_kit_nuc11paki7_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_kit_nuc11paki7Match-
Node
intelnuc_11_performance_mini_pc_nuc11paqi50wa_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_mini_pc_nuc11paqi50waMatch-
Node
intelnuc_11_performance_mini_pc_nuc11paqi70qa_firmwareRange<patgl357.0042
AND
intelnuc_11_performance_mini_pc_nuc11paqi70qaMatch-

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs",
    "versions": [
      {
        "version": "before version PATGL357.0042",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Social References

More

Related

nvd 1
cvelist 1
prion 1
intel 1
nvd
nvd
CVE-2022-33176
2022-11-11 16:15:15
cvelist
cvelist
CVE-2022-33176
2022-11-11 15:48:49
prion
prion
Input validation
2022-11-11 16:15:00
intel
intel
Intelยฎ NUC Firmware Advisory
2023-02-16 00:00:00

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for CVE-2022-33176
nvd1cvelist1prion1intel1