CVE-2022-32582

CWE-284 — Improper Access Control3 documents3 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 83.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel NUC 11 Performance KIT Nuc11pahi30z Firmware Intel NUC 11 Performance KIT Nuc11pahi3 Firmware Intel NUC 11 Performance KIT Nuc11pahi50z Firmware +36 more

Timeline

PublishedMay 10

Description

Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 0.8 | Impact: 4.0

Affected Packages39 packages

▶NVDintel/nuc_11_performance_mini_pc_nuc11paqi50wa_firmware< patgl357.0050

▶NVDintel/nuc_11_performance_mini_pc_nuc11paqi70qa_firmware< patgl357.0050

▶NVDintel/nuc_11_performance_kit_nuc11pahi3_firmware< patgl357.0050

▶NVDintel/nuc_11_performance_kit_nuc11pahi5_firmware< patgl357.0050

▶NVDintel/nuc_11_performance_kit_nuc11pahi7_firmware< patgl357.0050

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-p76v-vqrf-mq5q: Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC P↗2023-05-10

▶

CVEList

CVE-2022-32582: Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC P↗2023-05-10

▶