PT-2022-15135 · Intel · Intel Nuc Enthusiast+3
Yngweijw
·
Published
2022-11-11
·
Updated
2022-11-17
·
CVE-2022-21794
CVSS v3.1
7.7
High
| Vector | AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits versions before HN0067
Description
The issue is related to improper authentication in BIOS firmware, which may allow a privileged user to potentially enable escalation of privilege via local access.
Recommendations
For versions before HN0067, update to version HN0067 or later to resolve the issue.
As a temporary workaround, consider restricting local access to minimize the risk of exploitation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Nuc Boards
Intel Nuc Business
Intel Nuc Enthusiast
Intel Nuc Kit