HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-21794

CVSS 7.7v3.1pub. 2022-11-11upd. 2025-02-05

Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
  • Intel Nuc 8 Business Nuc8i7hnkqc

    HW
    Intel
    wszystkie wersje
  • Intel Nuc 8 Business Nuc8i7hnkqc Firmware

    OS
    Intel
    < hn0067
  • Intel Nuc 8 Enthusiast Nuc8i7hvkva

    HW
    Intel
    wszystkie wersje
  • Intel Nuc 8 Enthusiast Nuc8i7hvkva Firmware

    OS
    Intel
    < hn0067
  • Intel Nuc 8 Enthusiast Nuc8i7hvkvaw

    HW
    Intel
    wszystkie wersje
  • Intel Nuc 8 Enthusiast Nuc8i7hvkvaw Firmware

    OS
    Intel
    < hn0067
  • Intel Nuc Kit Nuc8i7hnk

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc8i7hnk Firmware

    OS
    Intel
    < hn0067
  • Intel Nuc Kit Nuc8i7hvk

    HW
    Intel
    wszystkie wersje
  • Intel Nuc Kit Nuc8i7hvk Firmware

    OS
    Intel
    < hn0067
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2022-36372HIGH7.5ten sam produkt

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially ena...

CVE-2020-0530HIGH7.8ten sam produkt

Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enabl...

CVE-2019-11094HIGH7.8ten sam produkt

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to pote...

CVE-2018-12176HIGH8.2ten sam produkt

Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute ar...

CVE-2021-46748MEDIUM5.5ten sam produkt

Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside ...