Improper Input Validation in Intel NUC Firmware
CVE-2022-34152

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nuc Boards, Intel(r) Nuc Kits
Vendor: CVE Published:; 11 November 2022

What is CVE-2022-34152?

An improper input validation issue has been identified in the BIOS firmware used by certain Intel NUC Boards and Intel NUC Kits. This vulnerability can allow a privileged user with local access to potentially escalate their privileges. Affected products prior to version TY0070 are at risk. It is crucial for users to implement available mitigations and update their firmware to ensure system security.

Affected Version(s)

Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2022
Vulnerability Reserved
Aug 4, 2022