Race Condition in Intel NUC BIOS Firmware Leading to Privilege Escalation
CVE-2023-34349

4.6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Nuc BiOS Firmware
Vendor: CVE Published:; 11 August 2023

Summary

A race condition vulnerability in various Intel NUC BIOS firmware versions could potentially be exploited by a privileged local user, allowing them to escalate their privileges within the system. This flaw exposes affected systems to significant risks, emphasizing the importance of regular firmware updates and security patches. Users and administrators should take immediate action to mitigate any potential exploits that could arise from this vulnerability.

Affected Version(s)

Intel(R) NUC BIOS firmware See references

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 11, 2023
Vulnerability Reserved
Jun 15, 2023