Skip to main content

Nuc 8 Compute Element Cm8I3Cb4N Firmware CVE-2023-25771

MEDIUM
Improper Access Control (CWE-284)
2023-05-10 secure@intel.com
Denial Of Service Intel Authentication Bypass Nuc 8 Compute Element Cm8I3Cb4N Firmware Nuc 8 Compute Element Cm8I5Cb8N Firmware Nuc 8 Compute Element Cm8I7Cb8N Firmware Nuc 8 Compute Element Cm8Ccb4R Firmware Nuc 8 Compute Element Cm8Pcb4R Firmware Nuc 8 Pro Kit Nuc8I3Pnk Firmware Nuc 8 Pro Board Nuc8I3Pnb Firmware Nuc 8 Pro Kit Nuc8I3Pnh Firmware Nuc 9 Pro Compute Element Nuc9V7Qnb Firmware Nuc 9 Pro Compute Element Nuc9V7Qnx Firmware Nuc 9 Pro Compute Element Nuc9Vxqnb Firmware Nuc 9 Pro Compute Element Nuc9Vxqnx Firmware Nuc 8 Home Nuc8I5Behfa Firmware Nuc 8 Home Nuc8I3Behfa Firmware Nuc 8 Enthusiast Nuc8I7Behga Firmware Nuc 8 Home Nuc8I5Bekpa Firmware Nuc 8 Enthusiast Nuc8I7Bekqa Firmware Nuc Kit Nuc8I7Beh Firmware Nuc Kit Nuc8I5Bek Firmware Nuc Kit Nuc8I5Beh Firmware Nuc Kit Nuc8I3Bek Firmware Nuc Kit Nuc8I3Beh Firmware Nuc Kit Nuc8I7Bek Firmware Nuc Kit Nuc8I5Behs Firmware Nuc Kit Nuc8I3Behs Firmware Nuc 8 Business Nuc8I7Hnkqc Firmware Nuc 8 Enthusiast Nuc8I7Hvkva Firmware Nuc 8 Enthusiast Nuc8I7Hvkvaw Firmware Nuc Kit Nuc8I7Hvk Firmware Nuc Kit Nuc8I7Hnk Firmware Compute Stick Stk2Mv64Cc Firmware Nuc 7 Essential Nuc7Cjysamn Firmware Nuc Kit Nuc7Cjyhn Firmware Nuc Kit Nuc7Pjyhn Firmware Nuc Kit Nuc7Pjyh Firmware Nuc 7 Essential Nuc7Cjysal Firmware Nuc Kit Nuc7Cjyh Firmware Nuc 7 Home Nuc7I5Bnhxf Firmware Nuc Kit Nuc7I5Bnhx1 Firmware Nuc Kit Nuc7I5Bnh Firmware Nuc Kit Nuc7I3Bnk Firmware Nuc 7 Enthusiast Nuc7I7Bnhxg Firmware Nuc Kit Nuc7I3Bnhx1 Firmware Nuc 7 Enthusiast Nuc7I7Bnkq Firmware Nuc 7 Home Nuc7I3Bnhxf Firmware Nuc 7 Home Nuc7I5Bnkp Firmware Nuc Kit Nuc7I5Bnk Firmware Nuc Kit Nuc7I7Bnh Firmware Nuc Kit Nuc7I3Bnh Firmware Nuc Kit Nuc7I7Bnhx1 Firmware Nuc Board Nuc7I3Bnb Firmware Nuc Board Nuc7I7Bnb Firmware Nuc Board Nuc7I5Bnb Firmware Nuc 8 Home Nuc8I3Cysn Firmware Nuc 8 Home Nuc8I3Cysm Firmware Nuc 8 Mainstream G Kit Nuc8I7Inh Firmware Nuc 8 Mainstream G Mini Pc Nuc8I7Inh Firmware Nuc 8 Mainstream G Kit Nuc8I5Inh Firmware Nuc 8 Mainstream G Mini Pc Nuc8I5Inh Firmware
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 10, 2023 - 14:15 nvd
MEDIUM 5.5

DescriptionNVD

Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.

AnalysisAI

Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-284. Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. Affected products include: Intel Nuc 8 Compute Element Cm8I3Cb4N Firmware, Intel Nuc 8 Compute Element Cm8I5Cb8N Firmware, Intel Nuc 8 Compute Element Cm8I7Cb8N Firmware, Intel Nuc 8 Compute Element Cm8Ccb4R Firmware, Intel Nuc 8 Compute Element Cm8Pcb4R Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-25771 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy