CVE-2023-28738

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel NUC BIOS firmware versions prior to JY0070

Description The issue is related to insufficient input validation, which may allow a privileged user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to JY0070, update to version JY0070 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Fix

Improper Encoding or Escaping of Output

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-116CWE-20

Related Identifiers

BDU:2024-00786

CVE-2023-28738

Affected Products

Intel Nuc Bios

CVE-2023-28738

Weakness Enumeration

Related Identifiers

Affected Products

References · 7