Improper Initialization Vulnerability in Intel NUCs Firmware
CVE-2023-27887

6.1MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nucs
Vendor: CVE Published:; 11 August 2023

What is CVE-2023-27887?

A vulnerability has been identified in the BIOS firmware of certain Intel NUC models that arises from improper initialization. This flaw allows a privileged user with local access to potentially enable information disclosure, posing a security risk. Affected users should review Intel's advisory for more details and remedial steps.

Affected Version(s)

Intel(R) NUCs See references

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2023
Vulnerability Reserved
May 5, 2023