Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for nuc_x15_laptop_kit_lapkc71f_firmware by intel

    CVE-2024-34163 (GCVE-0-2024-34163)

    Vulnerability from nvd – Published: 2024-08-14 13:45 – Updated: 2024-08-16 14:08
    VLAI
    Summary
    Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    • CWE-20 - Improper input validation
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC Affected: See references
    intel lapac71g_firmware Affected: 0 , < 0065 (custom)
        cpe:2.3:o:intel:lapac71g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapac71h_firmware Affected: 0 , < 0065 (custom)
        cpe:2.3:o:intel:lapac71h_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapbc510_firmware Affected: 0 , < 0083 (custom)
        cpe:2.3:o:intel:lapbc510_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapbc710_firmware Affected: 0 , < 0083 (custom)
        cpe:2.3:o:intel:lapbc710_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel laprc510_firmware Affected: 0 , < 0066 (custom)
        cpe:2.3:o:intel:laprc510_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel laprc710_firmware Affected: 0 , < 0066 (custom)
        cpe:2.3:o:intel:laprc710_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc51e_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc51e_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc71e_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc71e_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc71f_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc71f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapac71g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapac71g_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0065",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapac71h_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapac71h_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0065",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapbc510_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapbc510_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0083",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapbc710_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapbc710_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0083",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:laprc510_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "laprc510_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0066",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:laprc710_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "laprc710_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0066",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc51e_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc51e_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc71e_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc71e_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc71f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc71f_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-34163",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-16T04:01:34.221329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T14:08:31.790Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-20",
                  "description": "Improper input validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T13:45:38.963Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2024-34163",
        "datePublished": "2024-08-14T13:45:38.963Z",
        "dateReserved": "2024-05-23T17:14:54.807Z",
        "dateUpdated": "2024-08-16T14:08:31.790Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-25561 (GCVE-0-2024-25561)

    Vulnerability from nvd – Published: 2024-08-14 13:45 – Updated: 2024-08-16 16:10
    VLAI
    Summary
    Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    • CWE-277 - Insecure inherited permissions
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) HID Event Filter software installers Affected: before version 2.2.2.1
    intel hid_event_filter_driver Affected: 0 , < 2.2.2.1 (custom)
        cpe:2.3:a:intel:hid_event_filter_driver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_lapbc510 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc510:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_lapbc710 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc710:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_laprc710 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc710:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_laprc510 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc510:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapac71g Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapac71h Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapkc71f Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapkc51e Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:intel:hid_event_filter_driver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "hid_event_filter_driver",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "2.2.2.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc510:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_lapbc510",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc710:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_lapbc710",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc710:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_laprc710",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc510:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_laprc510",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapac71g",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapac71h",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapkc71f",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapkc51e",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-25561",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-16T15:52:53.546168Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T16:10:26.685Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) HID Event Filter software installers",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 2.2.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-277",
                  "description": "Insecure inherited permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T13:45:29.925Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2024-25561",
        "datePublished": "2024-08-14T13:45:29.925Z",
        "dateReserved": "2024-02-14T04:00:11.470Z",
        "dateUpdated": "2024-08-16T16:10:26.685Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40540 (GCVE-0-2023-40540)

    Vulnerability from nvd – Published: 2023-11-14 19:05 – Updated: 2024-08-30 15:16
    VLAI
    Summary
    Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-1303 - Non-Transparent Sharing of Microarchitectural Resources
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC BIOS firmware Affected: some Intel(R) NUC BIOS firmware
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.394Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-30T15:15:56.197787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-30T15:16:20.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "some Intel(R) NUC BIOS firmware"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-1303",
                  "description": "Non-Transparent Sharing of Microarchitectural Resources",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T19:05:06.268Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-40540",
        "datePublished": "2023-11-14T19:05:06.268Z",
        "dateReserved": "2023-08-23T03:00:02.616Z",
        "dateUpdated": "2024-08-30T15:16:20.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22444 (GCVE-0-2023-22444)

    Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-01 20:52
    VLAI
    Summary
    Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-665 - Improper initialization
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:07:06.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22444",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-01T20:52:40.000061Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-01T20:52:50.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-665",
                  "description": "Improper initialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-11T02:37:30.199Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
              "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-22444",
        "datePublished": "2023-08-11T02:37:30.199Z",
        "dateReserved": "2023-02-17T04:00:04.804Z",
        "dateUpdated": "2024-10-01T20:52:50.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-34163 (GCVE-0-2024-34163)

    Vulnerability from cvelistv5 – Published: 2024-08-14 13:45 – Updated: 2024-08-16 14:08
    VLAI
    Summary
    Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    • CWE-20 - Improper input validation
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC Affected: See references
    intel lapac71g_firmware Affected: 0 , < 0065 (custom)
        cpe:2.3:o:intel:lapac71g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapac71h_firmware Affected: 0 , < 0065 (custom)
        cpe:2.3:o:intel:lapac71h_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapbc510_firmware Affected: 0 , < 0083 (custom)
        cpe:2.3:o:intel:lapbc510_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapbc710_firmware Affected: 0 , < 0083 (custom)
        cpe:2.3:o:intel:lapbc710_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel laprc510_firmware Affected: 0 , < 0066 (custom)
        cpe:2.3:o:intel:laprc510_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel laprc710_firmware Affected: 0 , < 0066 (custom)
        cpe:2.3:o:intel:laprc710_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc51e_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc51e_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc71e_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc71e_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    intel lapkc71f_firmware Affected: 0 , < 0048 (custom)
        cpe:2.3:o:intel:lapkc71f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapac71g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapac71g_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0065",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapac71h_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapac71h_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0065",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapbc510_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapbc510_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0083",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapbc710_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapbc710_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0083",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:laprc510_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "laprc510_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0066",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:laprc710_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "laprc710_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0066",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc51e_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc51e_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc71e_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc71e_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:intel:lapkc71f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lapkc71f_firmware",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "0048",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-34163",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-16T04:01:34.221329Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T14:08:31.790Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-20",
                  "description": "Improper input validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T13:45:38.963Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2024-34163",
        "datePublished": "2024-08-14T13:45:38.963Z",
        "dateReserved": "2024-05-23T17:14:54.807Z",
        "dateUpdated": "2024-08-16T14:08:31.790Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-25561 (GCVE-0-2024-25561)

    Vulnerability from cvelistv5 – Published: 2024-08-14 13:45 – Updated: 2024-08-16 16:10
    VLAI
    Summary
    Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • escalation of privilege
    • CWE-277 - Insecure inherited permissions
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) HID Event Filter software installers Affected: before version 2.2.2.1
    intel hid_event_filter_driver Affected: 0 , < 2.2.2.1 (custom)
        cpe:2.3:a:intel:hid_event_filter_driver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_lapbc510 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc510:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_lapbc710 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc710:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_laprc710 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc710:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_m15_laptop_kit_laprc510 Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc510:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapac71g Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapac71h Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapkc71f Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:*:*:*:*:*:*:*:*
    Create a notification for this product.
    intel nuc_x15_laptop_kit_lapkc51e Affected: 0 , < * (custom)
        cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:intel:hid_event_filter_driver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "hid_event_filter_driver",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "2.2.2.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc510:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_lapbc510",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc710:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_lapbc710",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc710:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_laprc710",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_m15_laptop_kit_laprc510:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_m15_laptop_kit_laprc510",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71g:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapac71g",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapac71h:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapac71h",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc71f:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapkc71f",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:intel:nuc_x15_laptop_kit_lapkc51e:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nuc_x15_laptop_kit_lapkc51e",
                "vendor": "intel",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-25561",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-16T15:52:53.546168Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T16:10:26.685Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) HID Event Filter software installers",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 2.2.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "escalation of privilege",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-277",
                  "description": "Insecure inherited permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-14T13:45:29.925Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2024-25561",
        "datePublished": "2024-08-14T13:45:29.925Z",
        "dateReserved": "2024-02-14T04:00:11.470Z",
        "dateUpdated": "2024-08-16T16:10:26.685Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40540 (GCVE-0-2023-40540)

    Vulnerability from cvelistv5 – Published: 2023-11-14 19:05 – Updated: 2024-08-30 15:16
    VLAI
    Summary
    Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-1303 - Non-Transparent Sharing of Microarchitectural Resources
    Assigner
    Impacted products
    Vendor Product Version
    n/a Intel(R) NUC BIOS firmware Affected: some Intel(R) NUC BIOS firmware
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.394Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-30T15:15:56.197787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-30T15:16:20.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "some Intel(R) NUC BIOS firmware"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-1303",
                  "description": "Non-Transparent Sharing of Microarchitectural Resources",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-14T19:05:06.268Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-40540",
        "datePublished": "2023-11-14T19:05:06.268Z",
        "dateReserved": "2023-08-23T03:00:02.616Z",
        "dateUpdated": "2024-08-30T15:16:20.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22444 (GCVE-0-2023-22444)

    Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-01 20:52
    VLAI
    Summary
    Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • information disclosure
    • CWE-665 - Improper initialization
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:07:06.582Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22444",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-01T20:52:40.000061Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-01T20:52:50.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "See references"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board and Intel(R) NUC Pro Mini PC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en"
                },
                {
                  "cweId": "CWE-665",
                  "description": "Improper initialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-11T02:37:30.199Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html",
              "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2023-22444",
        "datePublished": "2023-08-11T02:37:30.199Z",
        "dateReserved": "2023-02-17T04:00:04.804Z",
        "dateUpdated": "2024-10-01T20:52:50.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }