Search criteria
22 vulnerabilities found for nuc_11_pro_kit_nuc11tnhi30p_firmware by intel
CVE-2023-40540 (GCVE-0-2023-40540)
Vulnerability from nvd – Published: 2023-11-14 19:05 – Updated: 2024-08-30 15:16
VLAI?
Summary
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
4.1 (Medium)
CWE
- information disclosure
- CWE-1303 - Non-Transparent Sharing of Microarchitectural Resources
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC BIOS firmware |
Affected:
some Intel(R) NUC BIOS firmware
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:15:56.197787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:16:20.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "some Intel(R) NUC BIOS firmware"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1303",
"description": "Non-Transparent Sharing of Microarchitectural Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T19:05:06.268Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-40540",
"datePublished": "2023-11-14T19:05:06.268Z",
"dateReserved": "2023-08-23T03:00:02.616Z",
"dateUpdated": "2024-08-30T15:16:20.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29494 (GCVE-0-2023-29494)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-18 18:14
VLAI?
Summary
Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "intel_r_nucs",
"vendor": "bios_firmware",
"versions": [
{
"status": "unknown",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T18:01:42.330891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T18:14:51.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:19.124Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29494",
"datePublished": "2023-08-11T02:37:19.124Z",
"dateReserved": "2023-05-05T03:00:03.707Z",
"dateUpdated": "2024-10-18T18:14:51.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27887 (GCVE-0-2023-27887)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-02 13:28
VLAI?
Summary
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6.1 (Medium)
CWE
- information disclosure
- CWE-665 - Improper initialization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:29.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27887",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:12:12.358213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:28:01.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-665",
"description": "Improper initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:19.659Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27887",
"datePublished": "2023-08-11T02:37:19.659Z",
"dateReserved": "2023-05-05T03:00:03.797Z",
"dateUpdated": "2024-10-02T13:28:01.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22444 (GCVE-0-2023-22444)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-01 20:52
VLAI?
Summary
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-665 - Improper initialization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:52:40.000061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:52:50.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-665",
"description": "Improper initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:30.199Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22444",
"datePublished": "2023-08-11T02:37:30.199Z",
"dateReserved": "2023-02-17T04:00:04.804Z",
"dateUpdated": "2024-10-01T20:52:50.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32582 (GCVE-0-2022-32582)
Vulnerability from nvd – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:08
VLAI?
Summary
Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access.
Severity ?
5.3 (Medium)
CWE
- denial of service
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32582",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:01.865840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:08:35.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:48.845Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-32582",
"datePublished": "2023-05-10T13:16:48.845Z",
"dateReserved": "2022-06-19T03:00:05.167Z",
"dateUpdated": "2025-01-27T18:08:35.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24382 (GCVE-0-2022-24382)
Vulnerability from nvd – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:24
VLAI?
Summary
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-24382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:38.255932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:24:12.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:51.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-24382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-24382",
"datePublished": "2022-05-12T16:35:51.000Z",
"dateReserved": "2022-02-03T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:24:12.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24297 (GCVE-0-2022-24297)
Vulnerability from nvd – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:24
VLAI?
Summary
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-24297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:37.000426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:24:31.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:52.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-24297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-24297",
"datePublished": "2022-05-12T16:35:52.000Z",
"dateReserved": "2022-02-03T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:24:31.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21237 (GCVE-0-2022-21237)
Vulnerability from nvd – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:34
VLAI?
Summary
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-21237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:35.450578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:34:30.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:53.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21237",
"datePublished": "2022-05-12T16:35:53.000Z",
"dateReserved": "2021-11-30T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:34:30.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33086 (GCVE-0-2021-33086)
Vulnerability from nvd – Published: 2021-11-17 18:59 – Updated: 2024-08-03 23:42
VLAI?
Summary
Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-17T18:59:09",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-33086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33086",
"datePublished": "2021-11-17T18:59:09",
"dateReserved": "2021-05-18T00:00:00",
"dateUpdated": "2024-08-03T23:42:19.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0067 (GCVE-0-2021-0067)
Vulnerability from nvd – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
VLAI?
Summary
Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T19:07:34",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0067",
"datePublished": "2021-06-09T19:07:34",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-08-03T15:25:01.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0054 (GCVE-0-2021-0054)
Vulnerability from nvd – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
VLAI?
Summary
Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T19:07:39",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0054",
"datePublished": "2021-06-09T19:07:39",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-08-03T15:25:01.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40540 (GCVE-0-2023-40540)
Vulnerability from cvelistv5 – Published: 2023-11-14 19:05 – Updated: 2024-08-30 15:16
VLAI?
Summary
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
4.1 (Medium)
CWE
- information disclosure
- CWE-1303 - Non-Transparent Sharing of Microarchitectural Resources
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC BIOS firmware |
Affected:
some Intel(R) NUC BIOS firmware
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:15:56.197787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:16:20.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "some Intel(R) NUC BIOS firmware"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1303",
"description": "Non-Transparent Sharing of Microarchitectural Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T19:05:06.268Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-40540",
"datePublished": "2023-11-14T19:05:06.268Z",
"dateReserved": "2023-08-23T03:00:02.616Z",
"dateUpdated": "2024-08-30T15:16:20.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22444 (GCVE-0-2023-22444)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-01 20:52
VLAI?
Summary
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6 (Medium)
CWE
- information disclosure
- CWE-665 - Improper initialization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:52:40.000061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:52:50.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-665",
"description": "Improper initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:30.199Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22444",
"datePublished": "2023-08-11T02:37:30.199Z",
"dateReserved": "2023-02-17T04:00:04.804Z",
"dateUpdated": "2024-10-01T20:52:50.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27887 (GCVE-0-2023-27887)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-02 13:28
VLAI?
Summary
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access.
Severity ?
6.1 (Medium)
CWE
- information disclosure
- CWE-665 - Improper initialization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:29.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27887",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T13:12:12.358213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T13:28:01.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-665",
"description": "Improper initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:19.659Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27887",
"datePublished": "2023-08-11T02:37:19.659Z",
"dateReserved": "2023-05-05T03:00:03.797Z",
"dateUpdated": "2024-10-02T13:28:01.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29494 (GCVE-0-2023-29494)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-18 18:14
VLAI?
Summary
Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "intel_r_nucs",
"vendor": "bios_firmware",
"versions": [
{
"status": "unknown",
"version": "0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T18:01:42.330891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T18:14:51.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:19.124Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29494",
"datePublished": "2023-08-11T02:37:19.124Z",
"dateReserved": "2023-05-05T03:00:03.707Z",
"dateUpdated": "2024-10-18T18:14:51.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32582 (GCVE-0-2022-32582)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:08
VLAI?
Summary
Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access.
Severity ?
5.3 (Medium)
CWE
- denial of service
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32582",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:01.865840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:08:35.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:48.845Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-32582",
"datePublished": "2023-05-10T13:16:48.845Z",
"dateReserved": "2022-06-19T03:00:05.167Z",
"dateUpdated": "2025-01-27T18:08:35.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21237 (GCVE-0-2022-21237)
Vulnerability from cvelistv5 – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:34
VLAI?
Summary
Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-21237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:35.450578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:34:30.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:53.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-21237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21237",
"datePublished": "2022-05-12T16:35:53.000Z",
"dateReserved": "2021-11-30T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:34:30.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24297 (GCVE-0-2022-24297)
Vulnerability from cvelistv5 – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:24
VLAI?
Summary
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-24297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:37.000426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:24:31.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:52.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-24297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-24297",
"datePublished": "2022-05-12T16:35:52.000Z",
"dateReserved": "2022-02-03T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:24:31.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24382 (GCVE-0-2022-24382)
Vulnerability from cvelistv5 – Published: 2022-05-12 16:35 – Updated: 2025-05-05 16:24
VLAI?
Summary
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-24382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:38.255932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:24:12.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-12T16:35:51.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-24382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00654.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-24382",
"datePublished": "2022-05-12T16:35:51.000Z",
"dateReserved": "2022-02-03T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:24:12.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33086 (GCVE-0-2021-33086)
Vulnerability from cvelistv5 – Published: 2021-11-17 18:59 – Updated: 2024-08-03 23:42
VLAI?
Summary
Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-17T18:59:09",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-33086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of service via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00567.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33086",
"datePublished": "2021-11-17T18:59:09",
"dateReserved": "2021-05-18T00:00:00",
"dateUpdated": "2024-08-03T23:42:19.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0054 (GCVE-0-2021-0054)
Vulnerability from cvelistv5 – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
VLAI?
Summary
Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T19:07:39",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0054",
"datePublished": "2021-06-09T19:07:39",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-08-03T15:25:01.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0067 (GCVE-0-2021-0067)
Vulnerability from cvelistv5 – Published: 2021-06-09 19:07 – Updated: 2024-08-03 15:25
VLAI?
Summary
Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
No CVSS data available.
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T19:07:34",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUCs",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0067",
"datePublished": "2021-06-09T19:07:34",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-08-03T15:25:01.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}