Improper Input Validation in Intel NUC 8 Compute Element BIOS Firmware
CVE-2023-42766

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel NUC 8 Compute Element BIOS firmware
Vendor: CVE Published:; 19 January 2024

What is CVE-2023-42766?

An improper input validation issue exists within the BIOS firmware of certain Intel NUC 8 Compute Element devices. This vulnerability may enable a privileged user to escalate their privileges through local access. As a result, security mechanisms intended to protect critical processes may be circumvented, posing a potential risk to system integrity. Users are advised to assess their systems for the latest firmware updates and apply necessary patches to mitigate any potential threats. For further information and specific mitigation steps, refer to the official advisory.

Affected Version(s)

Intel NUC 8 Compute Element BIOS firmware See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 19, 2024
Vulnerability Reserved
Sep 22, 2023