Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00042.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
n/a Intel(R) NUC BIOS firmware unaffected
Version Status Constraints
See references affected

Configuration 1 [-]

AND
cpe:2.3:o:intel:nuc_8_compute_element_cm8i3cb4n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_compute_element_cm8i3cb4n:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:intel:nuc_8_compute_element_cm8i5cb8n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_compute_element_cm8i5cb8n:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:intel:nuc_8_compute_element_cm8i7cb8n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_compute_element_cm8i7cb8n:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:intel:nuc_8_compute_element_cm8ccb4r_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_compute_element_cm8ccb4r:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:intel:nuc_8_compute_element_cm8pcb4r_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_8_compute_element_cm8pcb4r:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnb:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnh:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnk:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchb:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchbn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchbn:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkrn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkrn:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkr_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:intel:nuc_pro_compute_element_nuc9v7qnb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_compute_element_nuc9v7qnb:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:intel:nuc_pro_compute_element_nuc9v7qnx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_compute_element_nuc9v7qnx:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:intel:nuc_pro_compute_element_nuc9vxqnb_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_compute_element_nuc9vxqnb:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:intel:nuc_pro_compute_element_nuc9vxqnx_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_pro_compute_element_nuc9vxqnx:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:intel:nuc_business_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_business_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:intel:nuc_business_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_business_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:intel:nuc_business_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_business_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:intel:nuc_business_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_business_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:intel:nuc_business_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_business_nuc8i7hnk:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hnk:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND
cpe:2.3:o:intel:nuc_kit_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Intel Subscribe
Bios Subscribe
Nuc 8 Compute Element Cm8ccb4r Subscribe
Nuc 8 Compute Element Cm8ccb4r Firmware Subscribe
Nuc 8 Compute Element Cm8i3cb4n Subscribe
Nuc 8 Compute Element Cm8i3cb4n Firmware Subscribe
Nuc 8 Compute Element Cm8i5cb8n Subscribe
Nuc 8 Compute Element Cm8i5cb8n Firmware Subscribe
Nuc 8 Compute Element Cm8i7cb8n Subscribe
Nuc 8 Compute Element Cm8i7cb8n Firmware Subscribe
Nuc 8 Compute Element Cm8pcb4r Subscribe
Nuc 8 Compute Element Cm8pcb4r Firmware Subscribe
Nuc Business Nuc8i7hnk Subscribe
Nuc Business Nuc8i7hnk Firmware Subscribe
Nuc Business Nuc8i7hnkqc Subscribe
Nuc Business Nuc8i7hnkqc Firmware Subscribe
Nuc Business Nuc8i7hvk Subscribe
Nuc Business Nuc8i7hvk Firmware Subscribe
Nuc Business Nuc8i7hvkva Subscribe
Nuc Business Nuc8i7hvkva Firmware Subscribe
Nuc Business Nuc8i7hvkvaw Subscribe
Nuc Business Nuc8i7hvkvaw Firmware Subscribe
Nuc Enthusiast Nuc8i7hnk Subscribe
Nuc Enthusiast Nuc8i7hnk Firmware Subscribe
Nuc Enthusiast Nuc8i7hnkqc Subscribe
Nuc Enthusiast Nuc8i7hnkqc Firmware Subscribe
Nuc Enthusiast Nuc8i7hvk Subscribe
Nuc Enthusiast Nuc8i7hvk Firmware Subscribe
Nuc Enthusiast Nuc8i7hvkva Subscribe
Nuc Enthusiast Nuc8i7hvkva Firmware Subscribe
Nuc Enthusiast Nuc8i7hvkvaw Subscribe
Nuc Enthusiast Nuc8i7hvkvaw Firmware Subscribe
Nuc Kit Nuc8i7hnk Subscribe
Nuc Kit Nuc8i7hnk Firmware Subscribe
Nuc Kit Nuc8i7hnkqc Subscribe
Nuc Kit Nuc8i7hnkqc Firmware Subscribe
Nuc Kit Nuc8i7hvk Subscribe
Nuc Kit Nuc8i7hvk Firmware Subscribe
Nuc Kit Nuc8i7hvkva Subscribe
Nuc Kit Nuc8i7hvkva Firmware Subscribe
Nuc Kit Nuc8i7hvkvaw Subscribe
Nuc Kit Nuc8i7hvkvaw Firmware Subscribe
Nuc Pro Board Nuc8i3pnb Subscribe
Nuc Pro Board Nuc8i3pnb Firmware Subscribe
Nuc Pro Board Nuc8i3pnh Subscribe
Nuc Pro Board Nuc8i3pnh Firmware Subscribe
Nuc Pro Board Nuc8i3pnk Subscribe
Nuc Pro Board Nuc8i3pnk Firmware Subscribe
Nuc Pro Compute Element Nuc9v7qnb Subscribe
Nuc Pro Compute Element Nuc9v7qnb Firmware Subscribe
Nuc Pro Compute Element Nuc9v7qnx Subscribe
Nuc Pro Compute Element Nuc9v7qnx Firmware Subscribe
Nuc Pro Compute Element Nuc9vxqnb Subscribe
Nuc Pro Compute Element Nuc9vxqnb Firmware Subscribe
Nuc Pro Compute Element Nuc9vxqnx Subscribe
Nuc Pro Compute Element Nuc9vxqnx Firmware Subscribe
Nuc Pro Kit Nuc8i3pnb Subscribe
Nuc Pro Kit Nuc8i3pnb Firmware Subscribe
Nuc Pro Kit Nuc8i3pnh Subscribe
Nuc Pro Kit Nuc8i3pnh Firmware Subscribe
Nuc Pro Kit Nuc8i3pnk Subscribe
Nuc Pro Kit Nuc8i3pnk Firmware Subscribe
Nuc Rugged Kit Nuc8cchb Subscribe
Nuc Rugged Kit Nuc8cchb Firmware Subscribe
Nuc Rugged Kit Nuc8cchbn Subscribe
Nuc Rugged Kit Nuc8cchbn Firmware Subscribe
Nuc Rugged Kit Nuc8cchkr Subscribe
Nuc Rugged Kit Nuc8cchkr Firmware Subscribe
Nuc Rugged Kit Nuc8cchkrn Subscribe
Nuc Rugged Kit Nuc8cchkrn Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-39086 Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html cve-icon cve-icon
History

Wed, 09 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Intel bios
CPEs cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*
Vendors & Products Intel bios
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2024-10-09T16:27:13.433Z

Reserved: 2022-07-22T03:00:26.783Z

Link: CVE-2022-36372

cve-icon Vulnrichment

Updated: 2024-08-03T10:00:04.282Z

cve-icon NVD

Status : Modified

Published: 2023-08-11T03:15:13.040

Modified: 2024-11-21T07:12:53.297

Link: CVE-2022-36372

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses