Nuc 11 Pro Kit Nuc11Tnkv50Z Firmware
CVE-2023-40540
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
AnalysisAI
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-1303. Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. Affected products include: Intel Nuc 11 Pro Kit Nuc11Tnkv50Z Firmware, Intel Nuc 11 Pro Kit Nuc11Tnhv70L Firmware, Intel Nuc 11 Pro Kit Nuc11Tnhv50L Firmware, Intel Nuc 11 Pro Board Nuc11Tnbv7 Firmware, Intel Nuc 11 Pro Kit Nuc11Tnkv5 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Improper access control for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme Kit, Intel(R) NUC 11 Pe
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today