Lucene search
HistoryNov 14, 2023 - 7:15 p.m.
CVE-2023-28377
intel
nuc11ph
usb
firmware
authentication
vulnerability
privilege escalation
windows
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Improper authentication in some Intelยฎ NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelnuc_11_enthusiast_kit_nuc11phki7cMatch-
ORintelnuc_11_enthusiast_mini_pc_nuc11phki7caaMatch-
intelusb_firmwareRange<1.1windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | nuc_11_enthusiast_kit_nuc11phki7c | - | cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:* |
| intel | nuc_11_enthusiast_mini_pc_nuc11phki7caa | - | cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:* |
| intel | usb_firmware | * | cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:* |
Related
prion
prion
Authentication flaw
2023-11-14 19:15:00
vulnrichment
vulnrichment
CVE-2023-28377
2023-11-14 19:04:48
cvelist
cvelist
CVE-2023-28377
2023-11-14 19:04:48
cve
cve
CVE-2023-28377
2023-11-14 19:15:21
intel
intel
Intelยฎ NUC Software Advisory
2023-11-14 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2023-28377