CVE-2022-33176 — Improper Input Validation in Intel NUC 11 Performance KIT Nuc11pahi30z Firmware
Severity
6.7MEDIUMNVD
CNA8.2
EPSS
0.1%
top 81.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 11
Description
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9
Affected Packages11 packages
Patches
🔴Vulnerability Details
2CVEList▶
CVE-2022-33176: Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357↗2022-11-11
GHSA▶
GHSA-v297-j92m-gqm4: Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357↗2022-11-11