Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00023.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Intel
  • Nuc 10 Performance Kit Nuc10i3fnh
  • Nuc 10 Performance Kit Nuc10i3fnh Firmware
  • Nuc 10 Performance Kit Nuc10i3fnhf
  • Nuc 10 Performance Kit Nuc10i3fnhf Firmware
  • Nuc 10 Performance Kit Nuc10i3fnhn
  • Nuc 10 Performance Kit Nuc10i3fnhn Firmware
  • Nuc 10 Performance Kit Nuc10i3fnk
  • Nuc 10 Performance Kit Nuc10i3fnk Firmware
  • Nuc 10 Performance Kit Nuc10i3fnkn
  • Nuc 10 Performance Kit Nuc10i3fnkn Firmware
  • Nuc 10 Performance Kit Nuc10i5fnh
  • Nuc 10 Performance Kit Nuc10i5fnh Firmware
  • Nuc 10 Performance Kit Nuc10i5fnhf
  • Nuc 10 Performance Kit Nuc10i5fnhf Firmware
  • Nuc 10 Performance Kit Nuc10i5fnhj
  • Nuc 10 Performance Kit Nuc10i5fnhj Firmware
  • Nuc 10 Performance Kit Nuc10i5fnhn
  • Nuc 10 Performance Kit Nuc10i5fnhn Firmware
  • Nuc 10 Performance Kit Nuc10i5fnk
  • Nuc 10 Performance Kit Nuc10i5fnk Firmware
  • Nuc 10 Performance Kit Nuc10i5fnkn
  • Nuc 10 Performance Kit Nuc10i5fnkn Firmware
  • Nuc 10 Performance Kit Nuc10i5fnkp
  • Nuc 10 Performance Kit Nuc10i5fnkp Firmware
  • Nuc 10 Performance Kit Nuc10i7fnh
  • Nuc 10 Performance Kit Nuc10i7fnh Firmware
  • Nuc 10 Performance Kit Nuc10i7fnhc
  • Nuc 10 Performance Kit Nuc10i7fnhc Firmware
  • Nuc 10 Performance Kit Nuc10i7fnhn
  • Nuc 10 Performance Kit Nuc10i7fnhn Firmware
  • Nuc 10 Performance Kit Nuc10i7fnk
  • Nuc 10 Performance Kit Nuc10i7fnk Firmware
  • Nuc 10 Performance Kit Nuc10i7fnkn
  • Nuc 10 Performance Kit Nuc10i7fnkn Firmware
  • Nuc 10 Performance Kit Nuc10i7fnkp
  • Nuc 10 Performance Kit Nuc10i7fnkp Firmware
  • Nuc 10 Performance Mini Pc Nuc10i3fnhfa
  • Nuc 10 Performance Mini Pc Nuc10i3fnhfa Firmware
  • Nuc 10 Performance Mini Pc Nuc10i3fnhja
  • Nuc 10 Performance Mini Pc Nuc10i3fnhja Firmware
  • Nuc 10 Performance Mini Pc Nuc10i5fnhca
  • Nuc 10 Performance Mini Pc Nuc10i5fnhca Firmware
  • Nuc 10 Performance Mini Pc Nuc10i5fnhja
  • Nuc 10 Performance Mini Pc Nuc10i5fnhja Firmware
  • Nuc 10 Performance Mini Pc Nuc10i5fnkpa
  • Nuc 10 Performance Mini Pc Nuc10i5fnkpa Firmware
  • Nuc 10 Performance Mini Pc Nuc10i7fnhaa
  • Nuc 10 Performance Mini Pc Nuc10i7fnhaa Firmware
  • Nuc 10 Performance Mini Pc Nuc10i7fnhja
  • Nuc 10 Performance Mini Pc Nuc10i7fnhja Firmware
  • Nuc 10 Performance Mini Pc Nuc10i7fnkpa
  • Nuc 10 Performance Mini Pc Nuc10i7fnkpa Firmware

Configuration 1 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnhn:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnkn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnkn:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnhn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnkn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnkn:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnhn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnhn:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnkn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnkn:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnhja_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnhja:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnhf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnhf:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnkpa_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnkpa:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnhca_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnhca:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i3fnhfa_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i3fnhfa:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnhj_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnhj:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnhc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnhc:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnhja_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnhja:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i3fnhja_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i3fnhja:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnk:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnhaa_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnhaa:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnh:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnk:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnh:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnhf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnhf:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnkpa_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnkpa:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnh_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnh:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnk:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnkp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnkp:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnkp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnkp:-:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html cve-icon cve-icon
History

Wed, 02 Oct 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2024-10-02T13:27:03.292Z

Reserved: 2022-08-10T03:00:25.333Z

Link: CVE-2022-37336

cve-icon Vulnrichment

Updated: 2024-08-03T10:29:20.651Z

cve-icon NVD

Status : Modified

Published: 2023-08-11T03:15:13.423

Modified: 2024-11-21T07:14:46.933

Link: CVE-2022-37336

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.