Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00063.

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Intel Subscribe
Nuc7cjyh Subscribe
Nuc7cjyh Firmware Subscribe
Nuc7cjyhn Subscribe
Nuc7cjyhn Firmware Subscribe
Nuc7cjysal Subscribe
Nuc7cjysal Firmware Subscribe
Nuc7cjysamn Subscribe
Nuc7cjysamn Firmware Subscribe
Nuc7pjyh Subscribe
Nuc7pjyh Firmware Subscribe
Nuc7pjyhn Subscribe
Nuc7pjyhn Firmware Subscribe
Nuc8cchb Subscribe
Nuc8cchb Firmware Subscribe
Nuc8cchbn Subscribe
Nuc8cchbn Firmware Subscribe
Nuc8cchkr Subscribe
Nuc8cchkr Firmware Subscribe
Nuc8cchkrn Subscribe
Nuc8cchkrn Firmware Subscribe
Nuc8i3cysn Subscribe
Nuc8i3cysn Firmware Subscribe
Nuc8i5inh Subscribe
Nuc8i5inh Firmware Subscribe
Nuc8i7hnk Subscribe
Nuc8i7hnk Firmware Subscribe
Nuc8i7hnkqc Subscribe
Nuc8i7hnkqc Firmware Subscribe
Nuc8i7hvk Subscribe
Nuc8i7hvk Firmware Subscribe
Nuc8i7hvkva Subscribe
Nuc8i7hvkva Firmware Subscribe
Nuc8i7hvkvaw Subscribe
Nuc8i7hvkvaw Firmware Subscribe
Nuc8i7inh Subscribe
Nuc8i7inh Firmware Subscribe
Stk2mv64cc Subscribe
Stk2mv64cc Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:intel:nuc8cchb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8cchb:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:intel:nuc8cchbn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8cchbn:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:intel:nuc8cchkrn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8cchkrn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:intel:nuc8cchkr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8cchkr:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:intel:nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:intel:nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:intel:nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:intel:nuc8i7hvk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:intel:nuc8i7hnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7hnk:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:intel:stk2mv64cc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:intel:nuc8i3cysn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i3cysn:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-33141 Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html cve-icon cve-icon
History

Mon, 27 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2025-01-27T18:09:29.351Z

Reserved: 2022-06-09T05:41:11.430Z

Link: CVE-2022-28699

cve-icon Vulnrichment

Updated: 2024-08-03T06:03:52.130Z

cve-icon NVD

Status : Modified

Published: 2023-05-10T14:15:11.267

Modified: 2024-11-21T06:57:45.670

Link: CVE-2022-28699

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses