8.2
CVE-2022-33176
- EPSS 0.05%
- Veröffentlicht 11.11.2022 16:15:15
- Zuletzt bearbeitet 05.02.2025 21:15:18
- Quelle secure@intel.com
- Teams Watchlist Login
- Unerledigt Login
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Nuc 11 Performance Kit Nuc11pahi30z Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11pahi50z Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11pahi70z Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11pahi3 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11pahi5 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11pahi7 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11paki3 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11paki5 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Kit Nuc11paki7 Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Mini Pc Nuc11paqi50wa Firmware Version < patgl357.0042
Intel ≫ Nuc 11 Performance Mini Pc Nuc11paqi70qa Firmware Version < patgl357.0042
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.137 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 8.2 | 1.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.