7.8
CVE-2023-38587
- EPSS 0.05%
- Veröffentlicht 19.01.2024 20:15:10
- Zuletzt bearbeitet 21.11.2024 08:13:53
- Quelle secure@intel.com
- Teams Watchlist Login
- Unerledigt Login
Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Nuc 8 Home Nuc8i3behfa Firmware Versionbecfl357.0095
Intel ≫ Nuc 8 Home Nuc8i5behfa Firmware Versionbecfl357.0095
Intel ≫ Nuc 8 Home Nuc8i5bekpa Firmware Versionbecfl357.0095
Intel ≫ Nuc 8 Enthusiast Nuc8i7behga Firmware Versionbecfl357.0095
Intel ≫ Nuc 8 Enthusiast Nuc8i7bekqa Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i3beh Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i3bek Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i5beh Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i5bek Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i7beh Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i3behs Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i5behs Firmware Versionbecfl357.0095
Intel ≫ Nuc Kit Nuc8i7bek Firmware Versionbecfl357.0095
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.162 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 7.5 | 0.8 | 6 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.