Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIntelCVE-2022-34152
HistoryNov 11, 2022 - 4:15 p.m.

CVE-2022-34152

2022-11-1116:15:15
CWE-20
intel
web.nvd.nist.gov
27
4
cve-2022-34152
intel
nuc
bios
firmware
input validation
privilege escalation
security vulnerability

CVSS3

7.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

JSON

Improper input validation in BIOS firmware for some Intelยฎ NUC Boards, Intelยฎ NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected configurations

Nvd
Node
intelnuc_board_de3815tybe_firmwareRange<ty0070
AND
intelnuc_board_de3815tybeMatch-
Node
intelnuc_kit_de3815tykhe_firmwareRange<ty0070
AND
intelnuc_kit_de3815tykheMatch-
VendorProductVersionCPE
intelnuc_board_de3815tybe_firmware*cpe:2.3:o:intel:nuc_board_de3815tybe_firmware:*:*:*:*:*:*:*:*
intelnuc_board_de3815tybe-cpe:2.3:h:intel:nuc_board_de3815tybe:-:*:*:*:*:*:*:*
intelnuc_kit_de3815tykhe_firmware*cpe:2.3:o:intel:nuc_kit_de3815tykhe_firmware:*:*:*:*:*:*:*:*
intelnuc_kit_de3815tykhe-cpe:2.3:h:intel:nuc_kit_de3815tykhe:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) NUC Boards, Intel(R) NUC Kits",
    "versions": [
      {
        "version": "before version TY0070",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Social References

More

Related

prion 1
cvelist 1
nvd 1
intel 1
prion
prion
Input validation
2022-11-11 16:15:00
cvelist
cvelist
CVE-2022-34152
2022-11-11 15:48:51
nvd
nvd
CVE-2022-34152
2022-11-11 16:15:15
intel
intel
Intelยฎ NUC Firmware Advisory
2023-02-16 00:00:00

CVSS3

7.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

JSON
Related for CVE-2022-34152
prion1cvelist1nvd1intel1