Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-28699 (GCVE-0-2022-28699)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:09
VLAI?
EPSS
Summary
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC BIOS firmware |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:28:30.890717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:09:29.351Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:46.127Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28699",
"datePublished": "2023-05-10T13:16:46.127Z",
"dateReserved": "2022-06-09T05:41:11.430Z",
"dateUpdated": "2025-01-27T18:09:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:03:52.130Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-28699\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-27T17:28:30.890717Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-27T17:28:32.484Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) NUC BIOS firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"escalation of privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"Improper input validation\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2023-05-10T13:16:46.127Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-28699\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-27T18:09:29.351Z\", \"dateReserved\": \"2022-06-09T05:41:11.430Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2023-05-10T13:16:46.127Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0371
Vulnerability from certfr_avis - Published: 2023-05-10 - Updated: 2023-05-10
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- 2023.2 IPU – BIOS
- DSP Builder pour Intel FPGAs Pro Edition Software
- Intel NUC BIOS Firmware
- Intel Connect M Android App
- Intel DCM Software
- Intel DCM
- Intel EMA Configuration Tool and Intel MC Software
- Intel EMA Software
- Intel FPGA Firmware
- Intel IPP Cryptography
- Intel MacCPUID Software
- Intel NUC BIOS Update Software
- Intel NUC Laptop Element Software
- Intel NUC Pro Software Suite
- Intel NUC Software Studio Service Installer
- Intel OFU Software
- Intel Pathfinder pour RISC-V
- Intel QAT Driver
- Intel QAT Engine pour OpenSSL
- Intel QAT
- Intel Quartus Prime Pro Software
- Intel Retail Edge Mobile App
- Intel SCS Add-on Software Installer
- Intel SCS Software
- Intel SUR Software
- Intel Server Board BMC Firmware
- Intel Smart Campus Android App
- Intel Trace Analyzer and Collector Software
- Intel Unite Android App
- Intel Unite Client Software
- Intel Unite Plugin SDK
- Intel VROC Software
- Intel VTune™ Profiler
- Intel i915 Graphics Drivers pour Linux
- Intel oneAPI Toolkit and Component Software Installers
- Open CAS
- WULT Software
Pour plus d'informations, veuillez-vous référer aux avis de l'éditeur.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003e2023.2 IPU \u2013 BIOS\u003c/li\u003e \u003cli\u003eDSP Builder pour Intel FPGAs Pro Edition Software\u003c/li\u003e \u003cli\u003eIntel NUC BIOS Firmware\u003c/li\u003e \u003cli\u003eIntel Connect M Android App\u003c/li\u003e \u003cli\u003eIntel DCM Software\u003c/li\u003e \u003cli\u003eIntel DCM\u003c/li\u003e \u003cli\u003eIntel EMA Configuration Tool and Intel MC Software\u003c/li\u003e \u003cli\u003eIntel EMA Software\u003c/li\u003e \u003cli\u003eIntel FPGA Firmware\u003c/li\u003e \u003cli\u003eIntel IPP Cryptography\u003c/li\u003e \u003cli\u003eIntel MacCPUID Software\u003c/li\u003e \u003cli\u003eIntel NUC BIOS Update Software\u003c/li\u003e \u003cli\u003eIntel NUC Laptop Element Software\u003c/li\u003e \u003cli\u003eIntel NUC Pro Software Suite\u003c/li\u003e \u003cli\u003eIntel NUC Software Studio Service Installer\u003c/li\u003e \u003cli\u003eIntel OFU Software\u003c/li\u003e \u003cli\u003eIntel Pathfinder pour RISC-V\u003c/li\u003e \u003cli\u003eIntel QAT Driver\u003c/li\u003e \u003cli\u003eIntel QAT Engine pour OpenSSL\u003c/li\u003e \u003cli\u003eIntel QAT\u003c/li\u003e \u003cli\u003eIntel Quartus Prime Pro Software\u003c/li\u003e \u003cli\u003eIntel Retail Edge Mobile App\u003c/li\u003e \u003cli\u003eIntel SCS Add-on Software Installer\u003c/li\u003e \u003cli\u003eIntel SCS Software\u003c/li\u003e \u003cli\u003eIntel SUR Software\u003c/li\u003e \u003cli\u003eIntel Server Board BMC Firmware\u003c/li\u003e \u003cli\u003eIntel Smart Campus Android App\u003c/li\u003e \u003cli\u003eIntel Trace Analyzer and Collector Software\u003c/li\u003e \u003cli\u003eIntel Unite Android App\u003c/li\u003e \u003cli\u003eIntel Unite Client Software\u003c/li\u003e \u003cli\u003eIntel Unite Plugin SDK\u003c/li\u003e \u003cli\u003eIntel VROC Software\u003c/li\u003e \u003cli\u003eIntel VTune\u2122 Profiler\u003c/li\u003e \u003cli\u003eIntel i915 Graphics Drivers pour Linux\u003c/li\u003e \u003cli\u003eIntel oneAPI Toolkit and Component Software Installers\u003c/li\u003e \u003cli\u003eOpen CAS\u003c/li\u003e \u003cli\u003eWULT Software\u003c/li\u003e \u003c/ul\u003e \u003cp\u003ePour plus d\u0027informations, veuillez-vous r\u00e9f\u00e9rer aux avis de l\u0027\u00e9diteur.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-23910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23910"
},
{
"name": "CVE-2023-22443",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22443"
},
{
"name": "CVE-2022-40974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40974"
},
{
"name": "CVE-2022-41628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41628"
},
{
"name": "CVE-2022-43465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43465"
},
{
"name": "CVE-2022-43475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43475"
},
{
"name": "CVE-2022-25976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25976"
},
{
"name": "CVE-2022-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21239"
},
{
"name": "CVE-2022-40972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40972"
},
{
"name": "CVE-2023-27382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27382"
},
{
"name": "CVE-2022-37409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37409"
},
{
"name": "CVE-2023-22355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22355"
},
{
"name": "CVE-2022-44619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44619"
},
{
"name": "CVE-2022-34855",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34855"
},
{
"name": "CVE-2022-41801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41801"
},
{
"name": "CVE-2022-36391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36391"
},
{
"name": "CVE-2023-25175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25175"
},
{
"name": "CVE-2022-41699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41699"
},
{
"name": "CVE-2023-22312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22312"
},
{
"name": "CVE-2022-34848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34848"
},
{
"name": "CVE-2022-46279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46279"
},
{
"name": "CVE-2022-46645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46645"
},
{
"name": "CVE-2023-25771",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25771"
},
{
"name": "CVE-2023-22440",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22440"
},
{
"name": "CVE-2022-38087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38087"
},
{
"name": "CVE-2022-43507",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43507"
},
{
"name": "CVE-2022-32578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32578"
},
{
"name": "CVE-2023-22297",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22297"
},
{
"name": "CVE-2023-22447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22447"
},
{
"name": "CVE-2022-45128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45128"
},
{
"name": "CVE-2022-30338",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30338"
},
{
"name": "CVE-2023-25776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25776"
},
{
"name": "CVE-2023-22379",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22379"
},
{
"name": "CVE-2022-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42465"
},
{
"name": "CVE-2022-42878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42878"
},
{
"name": "CVE-2023-23573",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23573"
},
{
"name": "CVE-2022-36339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36339"
},
{
"name": "CVE-2022-41982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41982"
},
{
"name": "CVE-2023-27298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27298"
},
{
"name": "CVE-2022-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41771"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-25179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25179"
},
{
"name": "CVE-2023-23909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23909"
},
{
"name": "CVE-2022-38787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38787"
},
{
"name": "CVE-2023-27386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27386"
},
{
"name": "CVE-2023-23569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23569"
},
{
"name": "CVE-2022-41769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41769"
},
{
"name": "CVE-2022-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38103"
},
{
"name": "CVE-2022-31477",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31477"
},
{
"name": "CVE-2022-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33894"
},
{
"name": "CVE-2022-28699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28699"
},
{
"name": "CVE-2022-46656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46656"
},
{
"name": "CVE-2022-43474",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43474"
},
{
"name": "CVE-2022-41784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41784"
},
{
"name": "CVE-2022-40685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40685"
},
{
"name": "CVE-2023-28411",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28411"
},
{
"name": "CVE-2022-41658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41658"
},
{
"name": "CVE-2022-32766",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32766"
},
{
"name": "CVE-2022-29919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29919"
},
{
"name": "CVE-2022-38101",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38101"
},
{
"name": "CVE-2023-25545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25545"
},
{
"name": "CVE-2022-29508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29508"
},
{
"name": "CVE-2023-22661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22661"
},
{
"name": "CVE-2022-34147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34147"
},
{
"name": "CVE-2022-41690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41690"
},
{
"name": "CVE-2023-22442",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22442"
},
{
"name": "CVE-2022-41979",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41979"
},
{
"name": "CVE-2022-41693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41693"
},
{
"name": "CVE-2022-25772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25772"
},
{
"name": "CVE-2022-27180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27180"
},
{
"name": "CVE-2022-33963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33963"
},
{
"name": "CVE-2023-24475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24475"
},
{
"name": "CVE-2022-41646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41646"
},
{
"name": "CVE-2022-40207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40207"
},
{
"name": "CVE-2022-32577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32577"
},
{
"name": "CVE-2022-40210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40210"
},
{
"name": "CVE-2022-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21804"
},
{
"name": "CVE-2022-44610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44610"
},
{
"name": "CVE-2022-41621",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41621"
},
{
"name": "CVE-2022-41610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41610"
},
{
"name": "CVE-2023-23580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23580"
},
{
"name": "CVE-2022-41687",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41687"
},
{
"name": "CVE-2022-32576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32576"
},
{
"name": "CVE-2022-37327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37327"
},
{
"name": "CVE-2022-41998",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41998"
},
{
"name": "CVE-2022-41808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41808"
},
{
"name": "CVE-2022-32582",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32582"
}
],
"initial_release_date": "2023-05-10T00:00:00",
"last_revision_date": "2023-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0371",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00809 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00809.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00816 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00816.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00886 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00886.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00797 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00797.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00819 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00798 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00798.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00796 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00796.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00853 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00825 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00825.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00771 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00771.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00807 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00807.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00805 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00855 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00855.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00847 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00847.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00802 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00692 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00854 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00854.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00799 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00799.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00785 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00785.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00784 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00784.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00834 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00834.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00792 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00792.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00824 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00824.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00782 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00782.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00778 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00778.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00839 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00839.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00806 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00806.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00772 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00772.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00780 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00780.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00779 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00779.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00788 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00788.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00808 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00808.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00777 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00832 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00832.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00723 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00723.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00827 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00827.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00815 du 09 mai 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00815.html"
}
]
}
FKIE_CVE-2022-28699
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 06:57
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | nuc8cchb_firmware | - | |
| intel | nuc8cchb | - | |
| intel | nuc8cchbn_firmware | - | |
| intel | nuc8cchbn | - | |
| intel | nuc8cchkrn_firmware | - | |
| intel | nuc8cchkrn | - | |
| intel | nuc8cchkr_firmware | - | |
| intel | nuc8cchkr | - | |
| intel | nuc8i7hnkqc_firmware | - | |
| intel | nuc8i7hnkqc | - | |
| intel | nuc8i7hvkva_firmware | - | |
| intel | nuc8i7hvkva | - | |
| intel | nuc8i7hvkvaw_firmware | - | |
| intel | nuc8i7hvkvaw | - | |
| intel | nuc8i7hvk_firmware | - | |
| intel | nuc8i7hvk | - | |
| intel | nuc8i7hnk_firmware | - | |
| intel | nuc8i7hnk | - | |
| intel | stk2mv64cc_firmware | - | |
| intel | stk2mv64cc | - | |
| intel | nuc7cjysamn_firmware | - | |
| intel | nuc7cjysamn | - | |
| intel | nuc7cjysal_firmware | - | |
| intel | nuc7cjysal | - | |
| intel | nuc7cjyhn_firmware | - | |
| intel | nuc7cjyhn | - | |
| intel | nuc7pjyhn_firmware | - | |
| intel | nuc7pjyhn | - | |
| intel | nuc7pjyh_firmware | - | |
| intel | nuc7pjyh | - | |
| intel | nuc7cjyh_firmware | - | |
| intel | nuc7cjyh | - | |
| intel | nuc8i3cysn_firmware | - | |
| intel | nuc8i3cysn | - | |
| intel | nuc8i7inh_firmware | - | |
| intel | nuc8i7inh | - | |
| intel | nuc8i5inh_firmware | - | |
| intel | nuc8i5inh | - | |
| intel | nuc8i7inh_firmware | - | |
| intel | nuc8i7inh | - | |
| intel | nuc8i5inh_firmware | - | |
| intel | nuc8i5inh | - | |
| intel | nuc7cjysamn_firmware | - | |
| intel | nuc7cjysamn | - | |
| intel | nuc7cjysal_firmware | - | |
| intel | nuc7cjysal | - | |
| intel | nuc7cjyhn_firmware | - | |
| intel | nuc7cjyhn | - | |
| intel | nuc7pjyhn_firmware | - | |
| intel | nuc7pjyhn | - | |
| intel | nuc7pjyh_firmware | - | |
| intel | nuc7pjyh | - | |
| intel | nuc7cjyh_firmware | - | |
| intel | nuc7cjyh | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F92166-04EA-490D-984D-F26AFBBAC7A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD537400-953F-495C-B041-495884AC38C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchbn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E334171-B7BE-4F9A-89FC-116A3795DDB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchbn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B79A51E-4EBB-4195-BC08-8D7ACF5FC1AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchkrn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9F00DA-9890-4D56-9863-2A5D9A43C2AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchkrn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B686CB-E81E-49FB-810B-9931D24ADC3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchkr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D99588F-8B42-4C02-B7EC-D2C93DDDBA07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchkr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE6C67B-D982-47B5-9F63-649EC4D50BD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F17412-F144-4612-841B-3FDF98F9A067",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hnkqc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00149C0A-A05B-40D3-8DFD-0867B2A71436",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6809B350-9EE2-49F8-B0B4-147B52187B3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvkva:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81544988-95CC-4CCF-938C-27A3DA94C479",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74757B2E-0633-4E7C-BF5E-F9655F5E387B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvkvaw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53EC7FA-8BB8-4021-9B56-75B2CCD4F2E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "052F6AAA-9020-4CC6-A0B0-DB9FA3D204DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA600CE0-C6A5-4844-B8A4-17CA897060BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hnk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA05987-622B-4EB0-84B3-3C1361E67CD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57B1FC17-80E8-432B-8757-9522D6433800",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:stk2mv64cc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1355BA7-702D-499C-B147-1E4FC84153C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497CA1C-A3CA-4CC4-8192-69DF58630575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65610A9F-FF96-45B5-9E7C-E371C62B1572",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7F3EBD-45B3-4F7C-9F5E-50418AAFB538",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFEEE42-9380-4D4B-ACC2-86A1C2060390",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7883EA-D255-4611-A14B-2122A5873747",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0DCFC-B952-4703-82D4-0F8600FF6B15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A71B8FF-405E-42DE-B57C-E8063F3B6D0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE72942-A804-40D7-9929-26117870D2F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DD1BAD-7E7A-41D0-8559-00C9F36C55BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "956673CA-14A2-4B18-89DF-096576DFE44A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "458E0FF7-D70D-4B28-875F-22E485E69339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "230D51C3-D9DC-42B8-93DA-7D961C9373A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64DA446C-B6D3-44AA-A5DE-ADDB6D879010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i3cysn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D17035-DDF9-476D-86A3-92DA9F3D7A23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i3cysn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0EF5E-FE9B-4CE7-93E3-A6D7EF7AFBB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D20BBDE-2952-4C35-83D6-E21E60C7AAD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2100AC82-E3E1-495D-9252-AA69D04405A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F2-8CA7-4731-80B1-C9530ACC90F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42F0F0B6-D0BE-4B8D-BF9E-B64DA3F96550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D20BBDE-2952-4C35-83D6-E21E60C7AAD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2100AC82-E3E1-495D-9252-AA69D04405A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F2-8CA7-4731-80B1-C9530ACC90F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42F0F0B6-D0BE-4B8D-BF9E-B64DA3F96550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65610A9F-FF96-45B5-9E7C-E371C62B1572",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7F3EBD-45B3-4F7C-9F5E-50418AAFB538",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFEEE42-9380-4D4B-ACC2-86A1C2060390",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7883EA-D255-4611-A14B-2122A5873747",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0DCFC-B952-4703-82D4-0F8600FF6B15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A71B8FF-405E-42DE-B57C-E8063F3B6D0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE72942-A804-40D7-9929-26117870D2F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DD1BAD-7E7A-41D0-8559-00C9F36C55BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "956673CA-14A2-4B18-89DF-096576DFE44A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "458E0FF7-D70D-4B28-875F-22E485E69339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "230D51C3-D9DC-42B8-93DA-7D961C9373A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64DA446C-B6D3-44AA-A5DE-ADDB6D879010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2022-28699",
"lastModified": "2024-11-21T06:57:45.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:11.267",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-MPR4-2F6V-JF3Q
Vulnerability from github – Published: 2023-05-10 15:30 – Updated: 2024-04-04 03:58
VLAI?
Details
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2022-28699"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-10T14:15:11Z",
"severity": "MODERATE"
},
"details": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-mpr4-2f6v-jf3q",
"modified": "2024-04-04T03:58:53Z",
"published": "2023-05-10T15:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28699"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2022-28699
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-28699",
"id": "GSD-2022-28699"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-28699"
],
"details": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GSD-2022-28699",
"modified": "2023-12-13T01:19:34.476182Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-28699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) NUC BIOS firmware",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
},
{
"cweId": "CWE-20",
"lang": "eng",
"value": "Improper input validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8cchb_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8cchb:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8cchbn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8cchbn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8cchkrn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8cchkrn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8cchkr_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8cchkr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7hnkqc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7hvkva:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7hvkvaw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7hvk_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7hvk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7hnk_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7hnk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:stk2mv64cc_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i3cysn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i3cysn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-28699"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-06-01T17:28Z",
"publishedDate": "2023-05-10T14:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…