CVE-2022-32569 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Intel NUC M15 Laptop KIT Lapbc510 Firmware

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

6.7MEDIUMNVD

CNA7.5

EPSS

0.1%

top 81.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel NUC M15 Laptop KIT Lapbc510 Firmware Intel NUC M15 Laptop KIT Lapbc710 Firmware

Timeline

PublishedNov 11

Description

Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶NVDintel/nuc_m15_laptop_kit_lapbc510_firmware< bctgl357.0074

▶NVDintel/nuc_m15_laptop_kit_lapbc710_firmware< bctgl357.0074

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-7c4j-vv4w-4fhv: Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357↗2022-11-11

▶

CVEList

CVE-2022-32569: Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357↗2022-11-11

▶