CVE-2022-21794
published 2022-11-11CVE-2022-21794: Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| intel | nuc_8_business_nuc8i7hnkqc_firmware | < hn0067 | hn0067 |
| intel | nuc_8_enthusiast_nuc8i7hvkva_firmware | < hn0067 | hn0067 |
| intel | nuc_8_enthusiast_nuc8i7hvkvaw_firmware | < hn0067 | hn0067 |
| intel | nuc_kit_nuc8i7hnk_firmware | < hn0067 | hn0067 |
| intel | nuc_kit_nuc8i7hvk_firmware | < hn0067 | hn0067 |