Improper Buffer Restrictions in Intel NUC BIOS Firmware
CVE-2023-28722

6.7MEDIUM

Key Information:

Vendor
Intel
Vendor
CVE Published:
19 January 2024

Summary

An improper implementation of buffer restrictions in certain Intel NUC BIOS firmware versions prior to IN0048 creates a potential avenue for escalation of privileges. This vulnerability may allow a privileged user with local access to manipulate the system in unintended ways, impacting overall security. Users are advised to update their BIOS firmware to the latest version to mitigate risks associated with this vulnerability. More details can be found on the Intel advisory page.

Affected Version(s)

Intel NUC BIOS firmware before version IN0048

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.