Improper Authentication Vulnerability in Intel NUC Kit NUC11PH USB Firmware Installation Software
CVE-2023-28377

6.7MEDIUM

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 November 2023

Summary

An improper authentication vulnerability in the Intel NUC Kit NUC11PH USB firmware installation software prior to version 1.1 for Windows could allow an authenticated user to potentially escalate privileges through local access. This issue poses a significant risk as it may grant unauthorized access to sensitive system functions. Users of the affected software are advised to update to the latest version to mitigate this risk. For more details, refer to the official Intel security advisory.

Affected Version(s)

Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.