Skip to main content

Lapbc510 Firmware CVE-2022-34488

HIGH
Buffer Overflow (CWE-119)
2022-08-18 secure@intel.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 18, 2022 - 21:15 nvd
HIGH 7.8

DescriptionNVD

Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.

AnalysisAI

Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Lapbc510 Firmware, Intel Lapbc710 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2022-33209 HIGH
7.8 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

CVE-2022-28858 HIGH
7.8 Aug 18

Improper buffer restriction in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileg

CVE-2022-27493 HIGH
7.8 Aug 18

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged u

CVE-2021-0058 HIGH
7.8 Jun 09

Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may all

CVE-2021-0057 HIGH
7.8 Jun 09

Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an

CVE-2021-0056 HIGH
7.8 Jun 09

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may a

CVE-2022-32579 HIGH
7.2 Aug 18

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged u

CVE-2022-24382 MEDIUM
6.7 May 12

Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalatio

CVE-2022-24297 MEDIUM
6.7 May 12

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escala

CVE-2022-21237 MEDIUM
6.7 May 12

Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation o

CVE-2022-34345 MEDIUM
6.2 Aug 18

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged

Share

CVE-2022-34488 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy