7.7
CVE-2022-21794
- EPSS 0.12%
- Veröffentlicht 11.11.2022 16:15:11
- Zuletzt bearbeitet 05.02.2025 21:15:14
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
LoginImproper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Nuc Kit Nuc8i7hnk Firmware Version < hn0067
Intel ≫ Nuc Kit Nuc8i7hvk Firmware Version < hn0067
Intel ≫ Nuc 8 Enthusiast Nuc8i7hvkva Firmware Version < hn0067
Intel ≫ Nuc 8 Enthusiast Nuc8i7hvkvaw Firmware Version < hn0067
Intel ≫ Nuc 8 Business Nuc8i7hnkqc Firmware Version < hn0067
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.306 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 7.7 | 1.1 | 6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.