Improper Initialization in Intel NUC 11 Pro Kits and Boards
CVE-2022-37334

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Nuc 11 Pro Kits And Intel(r) Nuc 11 Pro Boards
Vendor: CVE Published:; 11 November 2022

What is CVE-2022-37334?

The vulnerability involves improper initialization in the BIOS firmware used by various Intel NUC 11 Pro Kits and Boards, specifically versions before TNTGL357.0064. This flaw may permit an authenticated local user to potentially escalate their privileges, posing security risks to system integrity and user data. For further details, please refer to the advisory provided by Intel.

Affected Version(s)

Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2022
Vulnerability Reserved
Aug 4, 2022