Improper Initialization in Intel NUC Laptop Kits Firmware
CVE-2022-27493

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Laptop Kits
Vendor: CVE Published:; 18 August 2022

Summary

The firmware of certain Intel NUC Laptop Kits prior to version BC0076 has a vulnerability that allows a privileged user with local access to potentially escalate privileges. This situation arises from improper initialization within the firmware code, creating opportunities for exploitation. It is crucial for users and administrators to stay vigilant and ensure firmware updates are applied promptly to mitigate potential risks associated with unauthorized privilege elevation.

Affected Version(s)

Intel(R) NUC Laptop Kits before version BC0076

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Apr 20, 2022