Skip to main content

Nuc 11 Performance Kit Nuc11Pahi3 Firmware CVE-2023-22330

MEDIUM
Use of Uninitialized Resource (CWE-908)
2023-08-11 secure@intel.com
Information Disclosure Intel Nuc 11 Performance Kit Nuc11Pahi3 Firmware Nuc 11 Performance Kit Nuc11Pahi30Z Firmware Nuc 11 Performance Kit Nuc11Paki3 Firmware Nuc 11 Performance Kit Nuc11Pahi5 Firmware Nuc 11 Performance Kit Nuc11Pahi50Z Firmware Nuc 11 Performance Kit Nuc11Paki5 Firmware Nuc 11 Performance Kit Nuc11Paqi50Wa Firmware Nuc 11 Performance Kit Nuc11Pahi7 Firmware Nuc 11 Performance Kit Nuc11Pahi70Z Firmware Nuc 11 Performance Kit Nuc11Paki7 Firmware Nuc 11 Performance Kit Nuc11Paqi70Qa Firmware Nuc 11 Performance Mini Pc Nuc11Pahi3 Firmware Nuc 11 Performance Mini Pc Nuc11Pahi30Z Firmware Nuc 11 Performance Mini Pc Nuc11Paki3 Firmware Nuc 11 Performance Mini Pc Nuc11Pahi5 Firmware Nuc 11 Performance Mini Pc Nuc11Pahi50Z Firmware Nuc 11 Performance Mini Pc Nuc11Paki5 Firmware Nuc 11 Performance Mini Pc Nuc11Paqi50Wa Firmware Nuc 11 Performance Mini Pc Nuc11Pahi7 Firmware Nuc 11 Performance Mini Pc Nuc11Pahi70Z Firmware Nuc 11 Performance Mini Pc Nuc11Paki7 Firmware Nuc 11 Performance Mini Pc Nuc11Paqi70Qa Firmware Nuc 11 Compute Element Cm11Ebi38W Firmware Nuc 11 Compute Element Cm11Ebi58W Firmware Nuc 11 Compute Element Cm11Ebi716W Firmware Nuc 11 Compute Element Cm11Ebc4W Firmware Nuc Laptop Kit Lapbc510 Firmware Nuc Laptop Kit Lapbc710 Firmware Nuc Laptop Kit Lapkc51E Firmware Nuc Laptop Kit Lapkc71E Firmware Nuc Laptop Kit Lapkc71F Firmware Nuc Extreme Compute Element Nuc11Btmi7 Firmware Nuc Extreme Compute Element Nuc11Dbbi7 Firmware Nuc Extreme Compute Element Nuc11Btmi9 Firmware Nuc Extreme Compute Element Nuc11Dbbi9 Firmware Nuc Boards Nuc11Tnbi3 Firmware Nuc Boards Nuc11Tnbi30Z Firmware Nuc Boards Nuc11Tnhi3 Firmware Nuc Boards Nuc11Tnhi30L Firmware Nuc Boards Nuc11Tnhi30P Firmware Nuc Boards Nuc11Tnhi30Z Firmware Nuc Boards Nuc11Tnki3 Firmware Nuc Boards Nuc11Tnki30Z Firmware Nuc Boards Nuc11Tnbi5 Firmware Nuc Boards Nuc11Tnbi50Z Firmware Nuc Boards Nuc11Tnhi5 Firmware Nuc Boards Nuc11Tnhi50L Firmware Nuc Boards Nuc11Tnhi50W Firmware Nuc Boards Nuc11Tnhi50Z Firmware Nuc Boards Nuc11Tnki5 Firmware Nuc Boards Nuc11Tnki50Z Firmware Nuc Boards Nuc11Tnbi7 Firmware Nuc Boards Nuc11Tnbi70Z Firmware Nuc Boards Nuc11Tnhi7 Firmware Nuc Boards Nuc11Tnhi70L Firmware Nuc Boards Nuc11Tnhi70Q Firmware Nuc Boards Nuc11Tnhi70Z Firmware Nuc Boards Nuc11Tnki7 Firmware Nuc Boards Nuc11Tnki70Z Firmware Nuc Nuc11Phki7C Firmware Nuc Nuc11Phki7Caa Firmware Nuc Pro Kit Nuc11Tnkv50Z Firmware Nuc Pro Kit Nuc11Tnhv70L Firmware Nuc Pro Kit Nuc11Tnhv50L Firmware Nuc Pro Kit Nuc11Tnkv5 Firmware Nuc Pro Kit Nuc11Tnkv7 Firmware Nuc Pro Kit Nuc11Tnhv5 Firmware Nuc Pro Kit Nuc11Tnhv7 Firmware Nuc Pro Kit Nuc11Tnbv7 Firmware Nuc Pro Kit Nuc11Tnbv5 Firmware Nuc Pro Board Nuc11Tnkv50Z Firmware Nuc Pro Board Nuc11Tnhv70L Firmware Nuc Pro Board Nuc11Tnhv50L Firmware Nuc Pro Board Nuc11Tnkv5 Firmware Nuc Pro Board Nuc11Tnkv7 Firmware Nuc Pro Board Nuc11Tnhv5 Firmware Nuc Pro Board Nuc11Tnhv7 Firmware Nuc Pro Board Nuc11Tnbv7 Firmware Nuc Pro Board Nuc11Tnbv5 Firmware Nuc Pro Mini Pc Nuc11Tnkv50Z Firmware Nuc Pro Mini Pc Nuc11Tnhv70L Firmware Nuc Pro Mini Pc Nuc11Tnhv50L Firmware Nuc Pro Mini Pc Nuc11Tnkv5 Firmware Nuc Pro Mini Pc Nuc11Tnkv7 Firmware Nuc Pro Mini Pc Nuc11Tnhv5 Firmware Nuc Pro Mini Pc Nuc11Tnhv7 Firmware Nuc Pro Mini Pc Nuc11Tnbv7 Firmware Nuc Pro Mini Pc Nuc11Tnbv5 Firmware
4.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 11, 2023 - 03:15 nvd
MEDIUM 4.4

DescriptionNVD

Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

AnalysisAI

Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified as Use of Uninitialized Resource (CWE-908), which allows attackers to access uninitialized memory causing crashes or information disclosure. Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Affected products include: Intel Nuc 11 Performance Kit Nuc11Pahi3 Firmware, Intel Nuc 11 Performance Kit Nuc11Pahi30Z Firmware, Intel Nuc 11 Performance Kit Nuc11Paki3 Firmware, Intel Nuc 11 Performance Kit Nuc11Pahi5 Firmware, Intel Nuc 11 Performance Kit Nuc11Pahi50Z Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Initialize all variables, use compiler warnings for uninitialized access, use memory-safe languages.

CVE-2023-22312 HIGH
7.8 May 10

Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation

CVE-2023-22449 MEDIUM
6.7 Aug 11

Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalatio

CVE-2022-33176 MEDIUM
6.7 Nov 11

Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Min

CVE-2021-0067 MEDIUM
6.7 Jun 09

 Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enabl

CVE-2021-0054 MEDIUM
6.7 Jun 09

Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable

CVE-2023-34349 MEDIUM
6.4 Aug 11

Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privil

CVE-2021-33086 MEDIUM
5.5 Nov 17

Out-of-bounds write in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable denial of s

CVE-2023-40540 MEDIUM
4.4 Nov 14

Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user t

CVE-2023-29500 MEDIUM
4.4 Aug 11

Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege

CVE-2023-22444 MEDIUM
4.4 Aug 11

Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Pe

CVE-2023-22356 MEDIUM
4.4 Aug 11

Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information

Share

CVE-2023-22330 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy