Brent Holtsclaw

**Name of the Vulnerable Software and Affected Versions** Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards versions prior to TNTGL357.0064 **Description** The issue is related to improper initialization in BIOS firmware, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to TNTGL357.0064, update the BIOS firmware to version TNTGL357.0064 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Intel(R) Security Library versions prior to 3.3 Description: The issue is related to the use of a cryptographically weak pseudo-random number generator (PRNG) in an API. This may allow an authenticated user to potentially enable information disclosure via network access. Recommendations: For versions prior to 3.3, update to version 3.3 or later to resolve the issue. As a temporary workaround, consider restricting network access to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Intel(R) Security Library versions prior to 3.3 Description: The issue is related to a missing release of resource after its effective lifetime in an API, which may allow a privileged user to potentially enable denial of service via network access. Recommendations: For versions prior to 3.3, update to version 3.3 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Intel(R) Security Library versions prior to 3.3 Description: The issue is related to key exchange without entity authentication, which may allow an authenticated user to potentially enable escalation of privilege via network access. Recommendations: For versions prior to 3.3, update to version 3.3 or later to resolve the issue. As a temporary workaround, consider restricting network access to minimize the risk of exploitation.