PT-2024-1334 · Intel · Intel Nuc Bios

Another1024

Published

2024-01-09

Updated

2024-01-30

CVE-2023-28722

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel NUC BIOS firmware versions prior to IN0048

Description The issue is related to improper buffer restrictions in the Intel NUC BIOS firmware, which may allow a privileged user to potentially enable escalation of privilege via local access. This could be exploited by a user with local access to the system.

Recommendations For Intel NUC BIOS firmware versions prior to IN0048, update to version IN0048 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-92CWE-75

Related Identifiers

BDU:2024-00788

CVE-2023-28722

Affected Products

Intel Nuc Bios

PT-2024-1334 · Intel · Intel Nuc Bios

CVE-2023-28722

Weakness Enumeration

Related Identifiers

Affected Products

References · 6