Alexander Ermolov

**Nome do software vulnerável e versões afetadas: Intel NUC (versões afetadas não especificadas) Descrição: O problema está relacionado à validação inadequada de entradas no firmware, o que pode permitir que um usuário com privilégios consiga, potencialmente, escalar privilégios por meio de acesso local. Isso poderia ser explorado por um invasor para obter privilégios elevados. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do Intel NUC (versões afetadas não especificadas) **Descrição** O problema está relacionado a restrições inadequadas de buffer no firmware do Intel NUC, o que pode permitir que um usuário autenticado potencialmente habilite a escalada de privilégios por meio de acesso local. Isso se deve a erros de estouro de buffer. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Intel NUC versions (affected versions not specified) Intel NUC Kit versions (affected versions not specified) Intel Compute Stick versions (affected versions not specified) Intel Compute Card versions (affected versions not specified) **Description** The issue is related to improper access control in the firmware of Intel products, which may allow an authenticated user to potentially enable escalation of privilege via local access. This is due to deficiencies in access control. Exploitation of the issue could allow an attacker to elevate their privileges. **Recommendations** For Intel NUC, consider restricting local access until a fix is available. For Intel NUC Kit, restrict local access to minimize the risk of exploitation. For Intel Compute Stick, avoid providing local access to unauthorized users until the issue is resolved. For Intel Compute Card, limit local access to reduce the risk of privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel NUC (affected versions not specified) Intel NUC Kit (affected versions not specified) Intel Compute Stick (affected versions not specified) Intel Compute Card (affected versions not specified) **Description** The issue is related to improper input validation in the firmware of Intel products, which may allow a privileged user to potentially enable escalation of privilege via local access. This is due to insufficient input validation, which can be exploited by an attacker to elevate their privileges. **Recommendations** For Intel NUC, consider restricting local access until a fix is available. For Intel NUC Kit, avoid using the device with privileged accounts until the issue is resolved. For Intel Compute Stick, restrict access to sensitive areas of the system to minimize the risk of exploitation. For Intel Compute Card, as a temporary workaround, consider disabling any functionality that relies on privileged access until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel NUC versions (affected versions not specified) Intel NUC Kit versions (affected versions not specified) Intel Compute Stick versions (affected versions not specified) Intel Compute Card versions (affected versions not specified) **Description** The issue is related to improper buffer restrictions in the firmware of Intel products, which may allow an authenticated user to potentially enable escalation of privilege via local access. This is due to a buffer overflow operation in memory. Exploitation of the issue could allow an attacker to elevate their privileges. **Recommendations** For Intel NUC, consider applying a firmware update to resolve the issue, once available. For Intel NUC Kit, restrict local access to minimize the risk of exploitation until a fix is available. For Intel Compute Stick, avoid using the device for sensitive operations until the issue is resolved. For Intel Compute Card, limit privileges of authenticated users to reduce the impact of potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC (affected versions not specified) **Description** The issue is related to memory corruption in system firmware, potentially allowing a privileged user to enable escalation of privilege, denial of service, and/or information disclosure via local access. It is also described as a buffer overflow vulnerability in the embedded software of Intel NUC Kit, which may allow an attacker to elevate privileges, cause a denial of service, or gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC (affected versions not specified) **Description** The issue is related to pointer corruption in system firmware, which may allow a privileged user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. It is also described as a buffer overflow vulnerability in the embedded software of Intel NUC Kit, where exploitation can lead to privilege escalation, denial of service, or unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel NUC Kit (affected versions not specified) **Description** The issue is related to insufficient input validation in the system firmware, which may allow a privileged user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. This could permit an attacker to gain access to protected information, cause a denial of service, or elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel NUC Kit (affected versions not specified) **Description** The issue is caused by an out of bounds read in the system firmware memory. This could allow an attacker to gain access to protected information, cause a denial of service, or escalate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.