Nuc Kit Nuc8I7Hnk Firmware
CVE-2022-21794
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.
AnalysisAI
Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Nuc Kit Nuc8I7Hnk Firmware, Intel Nuc Kit Nuc8I7Hvk Firmware, Intel Nuc 8 Enthusiast Nuc8I7Hvkva Firmware, Intel Nuc 8 Enthusiast Nuc8I7Hvkvaw Firmware, Intel Nuc 8 Business Nuc8I7Hnkqc Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Nuc Kit Nuc8I7Hnk Firmware
View allImproper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalati
Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enabl
Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable
Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of p
Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of
Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of s
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today