Skip to main content

Lapbc510 Firmware CVE-2022-27493

HIGH
Improper Initialization (CWE-665)
2022-08-18 secure@intel.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 18, 2022 - 21:15 nvd
HIGH 7.8

DescriptionNVD

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access.

AnalysisAI

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-665. Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. Affected products include: Intel Lapbc510 Firmware, Intel Lapbc710 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-34488 HIGH
7.8 Aug 18

Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privile

CVE-2022-33209 HIGH
7.8 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

CVE-2022-28858 HIGH
7.8 Aug 18

Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileg

CVE-2021-0058 HIGH
7.8 Jun 09

Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may all

CVE-2021-0057 HIGH
7.8 Jun 09

Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an

CVE-2021-0056 HIGH
7.8 Jun 09

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may a

CVE-2022-32579 HIGH
7.2 Aug 18

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged u

CVE-2022-24382 MEDIUM
6.7 May 12

Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalatio

CVE-2022-24297 MEDIUM
6.7 May 12

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escala

CVE-2022-21237 MEDIUM
6.7 May 12

Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation o

CVE-2022-34345 MEDIUM
6.2 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

Share

CVE-2022-27493 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy