Information Disclosure Vulnerability in Intel NUC BIOS Firmware
CVE-2023-22330

6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nuc BiOS Firmware
Vendor: CVE Published:; 11 August 2023

What is CVE-2023-22330?

A security issue has been identified in the Intel NUC BIOS firmware, wherein the use of uninitialized resources may permit a privileged user to access sensitive information through local means. This vulnerability emphasizes the importance of ensuring that access controls are adequately implemented to prevent unauthorized information exposure. Users of affected Intel NUC devices should review the security advisory for mitigation steps.

Affected Version(s)

Intel(R) NUC BIOS firmware See references

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2023
Vulnerability Reserved
Feb 17, 2023