CVE-2021-33164

3 documents3 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 72.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel NUC 8 Mainstream-g KIT Nuc8i5inh Firmware Intel NUC 8 Mainstream-g KIT Nuc8i7inh Firmware Intel NUC 8 Mainstream-g Mini PC Nuc8i5inh Firmware +1 more

Timeline

PublishedNov 11

Description

Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages5 packages

▶NVDintel/nuc_8_mainstream-g_kit_nuc8i5inh_firmware< inwhl357.0046

▶NVDintel/nuc_8_mainstream-g_kit_nuc8i7inh_firmware< inwhl357.0046

▶NVDintel/nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware< inwhl357.0046

▶NVDintel/nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware< inwhl357.0046

▶CVEListV5intel(r)_nucsbefore version INWHL357.0046

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-6pv7-xxv2-qw55: Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357↗2022-11-11

▶

CVEList

CVE-2021-33164: Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357↗2022-11-11

▶