Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00046.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
n/a Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN unaffected
Version Status Constraints
before version 1.78.2.0.7 affected

Configuration 1 [-]

AND
cpe:2.3:o:intel:nuc7i3dnbe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3dnbe:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:intel:nuc7i3dnhe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3dnhe:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:intel:nuc7i3dnhnc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3dnhnc:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:intel:nuc7i3dnke_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3dnke:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:intel:nuc7i3dnktc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i3dnktc:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:intel:nuc7i5dnbe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i5dnbe:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:intel:nuc7i5dnhe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i5dnhe:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:intel:nuc7i5dnke_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i5dnke:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:intel:nuc7i7dnbe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i7dnbe:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:intel:nuc7i7dnhe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i7dnhe:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:intel:nuc7i7dnke_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7i7dnke:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Intel Subscribe
Nuc7i3dnbe Subscribe
Nuc7i3dnbe Firmware Subscribe
Nuc7i3dnhe Subscribe
Nuc7i3dnhe Firmware Subscribe
Nuc7i3dnhnc Subscribe
Nuc7i3dnhnc Firmware Subscribe
Nuc7i3dnke Subscribe
Nuc7i3dnke Firmware Subscribe
Nuc7i3dnktc Subscribe
Nuc7i3dnktc Firmware Subscribe
Nuc7i5dnbe Subscribe
Nuc7i5dnbe Firmware Subscribe
Nuc7i5dnhe Subscribe
Nuc7i5dnhe Firmware Subscribe
Nuc7i5dnke Subscribe
Nuc7i5dnke Firmware Subscribe
Nuc7i7dnbe Subscribe
Nuc7i7dnbe Firmware Subscribe
Nuc7i7dnhe Subscribe
Nuc7i7dnhe Firmware Subscribe
Nuc7i7dnke Subscribe
Nuc7i7dnke Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-30593 Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html cve-icon cve-icon
History

Wed, 29 Jan 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-281
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2025-01-29T20:45:50.692Z

Reserved: 2022-03-21T23:31:41.445Z

Link: CVE-2022-26024

cve-icon Vulnrichment

Updated: 2024-08-03T04:56:37.465Z

cve-icon NVD

Status : Modified

Published: 2022-11-11T16:15:12.053

Modified: 2025-01-29T21:15:13.287

Link: CVE-2022-26024

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses