Lucene search

[email protected]CVE-2022-36372

HistoryAug 11, 2023 - 3:15 a.m.

CVE-2022-36372

2023-08-1103:15:13

CWE-119

CWE-92

[email protected]

web.nvd.nist.gov

cve-2022-36372

intel

nuc

bios

firmware

privilege escalation

local access

security vulnerability

7.5 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Improper buffer restrictions in some Intel® NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

NVD

Node

intelnuc_8_compute_element_cm8i3cb4n_firmwareMatch-

AND

intelnuc_8_compute_element_cm8i3cb4nMatch-

Node

intelnuc_8_compute_element_cm8i5cb8n_firmwareMatch-

AND

intelnuc_8_compute_element_cm8i5cb8nMatch-

Node

intelnuc_8_compute_element_cm8i7cb8n_firmwareMatch-

AND

intelnuc_8_compute_element_cm8i7cb8nMatch-

Node

intelnuc_8_compute_element_cm8ccb4r_firmwareMatch-

AND

intelnuc_8_compute_element_cm8ccb4rMatch-

Node

intelnuc_8_compute_element_cm8pcb4r_firmwareMatch-

AND

intelnuc_8_compute_element_cm8pcb4rMatch-

Node

intelnuc_pro_kit_nuc8i3pnb_firmwareMatch-

AND

intelnuc_pro_kit_nuc8i3pnbMatch-

Node

intelnuc_pro_kit_nuc8i3pnh_firmwareMatch-

AND

intelnuc_pro_kit_nuc8i3pnhMatch-

Node

intelnuc_pro_kit_nuc8i3pnk_firmwareMatch-

AND

intelnuc_pro_kit_nuc8i3pnkMatch-

Node

intelnuc_pro_board_nuc8i3pnb_firmwareMatch-

AND

intelnuc_pro_board_nuc8i3pnbMatch-

Node

intelnuc_pro_board_nuc8i3pnh_firmwareMatch-

AND

intelnuc_pro_board_nuc8i3pnhMatch-

Node

intelnuc_pro_board_nuc8i3pnk_firmwareMatch-

AND

intelnuc_pro_board_nuc8i3pnkMatch-

Node

intelnuc_rugged_kit_nuc8cchb_firmwareMatch-

AND

intelnuc_rugged_kit_nuc8cchbMatch-

Node

intelnuc_rugged_kit_nuc8cchbn_firmwareMatch-

AND

intelnuc_rugged_kit_nuc8cchbnMatch-

Node

intelnuc_rugged_kit_nuc8cchkrn_firmwareMatch-

AND

intelnuc_rugged_kit_nuc8cchkrnMatch-

Node

intelnuc_rugged_kit_nuc8cchkr_firmwareMatch-

AND

intelnuc_rugged_kit_nuc8cchkrMatch-

Node

intelnuc_pro_compute_element_nuc9v7qnb_firmwareMatch-

AND

intelnuc_pro_compute_element_nuc9v7qnbMatch-

Node

intelnuc_pro_compute_element_nuc9v7qnx_firmwareMatch-

AND

intelnuc_pro_compute_element_nuc9v7qnxMatch-

Node

intelnuc_pro_compute_element_nuc9vxqnb_firmwareMatch-

AND

intelnuc_pro_compute_element_nuc9vxqnbMatch-

Node

intelnuc_pro_compute_element_nuc9vxqnx_firmwareMatch-

AND

intelnuc_pro_compute_element_nuc9vxqnxMatch-

Node

intelnuc_business_nuc8i7hnkqc_firmwareMatch-

AND

intelnuc_business_nuc8i7hnkqcMatch-

Node

intelnuc_business_nuc8i7hvkva_firmwareMatch-

AND

intelnuc_business_nuc8i7hvkvaMatch-

Node

intelnuc_business_nuc8i7hvkvaw_firmwareMatch-

AND

intelnuc_business_nuc8i7hvkvawMatch-

Node

intelnuc_business_nuc8i7hvk_firmwareMatch-

AND

intelnuc_business_nuc8i7hvkMatch-

Node

intelnuc_business_nuc8i7hnk_firmwareMatch-

AND

intelnuc_business_nuc8i7hnkMatch-

Node

intelnuc_enthusiast_nuc8i7hnkqc_firmwareMatch-

AND

intelnuc_enthusiast_nuc8i7hnkqcMatch-

Node

intelnuc_enthusiast_nuc8i7hvkva_firmwareMatch-

AND

intelnuc_enthusiast_nuc8i7hvkvaMatch-

Node

intelnuc_enthusiast_nuc8i7hvkvaw_firmwareMatch-

AND

intelnuc_enthusiast_nuc8i7hvkvawMatch-

Node

intelnuc_enthusiast_nuc8i7hvk_firmwareMatch-

AND

intelnuc_enthusiast_nuc8i7hvkMatch-

Node

intelnuc_enthusiast_nuc8i7hnk_firmwareMatch-

AND

intelnuc_enthusiast_nuc8i7hnkMatch-

Node

intelnuc_kit_nuc8i7hnkqc_firmwareMatch-

AND

intelnuc_kit_nuc8i7hnkqcMatch-

Node

intelnuc_kit_nuc8i7hvkva_firmwareMatch-

AND

intelnuc_kit_nuc8i7hvkvaMatch-

Node

intelnuc_kit_nuc8i7hvkvaw_firmwareMatch-

AND

intelnuc_kit_nuc8i7hvkvawMatch-

Node

intelnuc_kit_nuc8i7hvk_firmwareMatch-

AND

intelnuc_kit_nuc8i7hvkMatch-

Node

intelnuc_kit_nuc8i7hnk_firmwareMatch-

AND

intelnuc_kit_nuc8i7hnkMatch-

CPENameOperatorVersion
intel:nuc_8_compute_element_cm8i3cb4n_firmwareintel nuc 8 compute element cm8i3cb4n firmwareeq-

CPE	Name	Operator	Version
intel:nuc_8_compute_element_cm8i3cb4n_firmware	intel nuc 8 compute element cm8i3cb4n firmware	eq	-

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) NUC BIOS firmware",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]