MEDIUM✓ PATCH🇬🇧 English

CVE-2023-32655

CVSS 6.7v3.1pub. 2023-11-14upd. 2024-11-21

Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Intel Nuc 8 Business Nuc8i7hnkqc

    HW
    Intel
    wszystkie wersje
  • Intel Nuc 8 Enthusiast Nuc8i7hvkva

    HW
    Intel
    wszystkie wersje
  • Intel Nuc 8 Enthusiast Nuc8i7hvkvaw

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc8i7hnk

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc8i7hvk

    HW
    Intel
    wszystkie wersje
  • Intel Usb Type C Power Delivery Controller

    APP
    Intel
    < 1.0.10.3
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2022-36372HIGH7.5ten sam produkt

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially ena...

CVE-2022-21794HIGH7.7ten sam produkt

Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Ent...

CVE-2020-0530HIGH7.8ten sam produkt

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enabl...

CVE-2019-11094HIGH7.8ten sam produkt

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to pote...

CVE-2018-12176HIGH8.2ten sam produkt

Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute ar...