Nuc 7 Enthusiast Nuc7I7Bnkq Firmware
CVE-2023-22356
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
AnalysisAI
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-665. Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Affected products include: Intel Nuc 7 Enthusiast Nuc7I7Bnkq Firmware, Intel Nuc 7 Enthusiast Nuc7I7Bnhxg Firmware, Intel Nuc Kit Nuc7I7Dnhe Firmware, Intel Nuc Kit Nuc7I7Dnke Firmware, Intel Nuc Board Nuc7I7Dnbe Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware m
Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of
Same weakness CWE-665 – Improper Initialization
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today