Lucene search

IntelCVELIST:CVE-2022-36349

HistoryNov 11, 2022 - 3:48 p.m.

CVE-2022-36349

2022-11-1115:48:55

intel

www.cve.org

intel nuc

bios firmware

cve-2022-36349

denial of service

local access

CVSS3

5.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

AI Score

5.6

Confidence

High

EPSS

Percentile

12.6%

JSON

Insecure default variable initialization in BIOS firmware for some Intel® NUC Boards and Intel® NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) NUC Boards and Intel(R) NUC Kits",
    "versions": [
      {
        "version": "before version MYi30060",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html

CVSS3

5.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

AI Score

5.6

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-36349