Improper Access Control in Intel NUC HDMI Firmware Update Tool
CVE-2021-33089

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Hdmi Firmware Update Tool For Nuc8i3be, Nuc8i5be, Nuc8i7be
Vendor: CVE Published:; 17 November 2021

What is CVE-2021-33089?

The Intel NUC HDMI Firmware Update Tool presents an improper access control vulnerability affecting specific NUC models. An authenticated user may exploit this vulnerability to escalate privileges through local access, potentially compromising system integrity. It is crucial for users of the affected NUC8i3BE, NUC8i5BE, and NUC8i7BE models to update to version 1.78.4.0.4 or later to safeguard against these risks.

Affected Version(s)

Intel(R) NUC HDMI Firmware Update Tool for NUC8i3BE, NUC8i5BE, NUC8i7BE before version 1.78.4.0.4

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
May 18, 2021