CVE-2022-37327Improper Input Validation in Intel Cm11ebc4w Firmware

CWE-20Improper Input Validation3 documents3 sources
Severity
5.5MEDIUMNVD
CNA6.1
EPSS
0.1%
top 82.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
116
Intel Cm11ebc4w FirmwareIntel Cm11ebi38w FirmwareIntel Cm11ebi58w Firmware+113 more
Timeline
PublishedMay 10

Description

Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element, Intel(R) NUC Extreme, Intel(R) NUC 12 Extreme Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Enthusiast, Intel(R) NUC Essential, Intel(R) NUC Laptop Kit, Intel(R) NUC Extreme Compute Element, Intel(R) NUC Boards, Intel(R) N

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages116 packages

NVDintel/cm8ccb4r_firmware< cbwhl357.0101
NVDintel/cm8pcb4r_firmware< cbwhl357.0101
NVDintel/elm12hbc_firmware< hbadl357.0052
NVDintel/lapac71g_firmware< acadl357.0059
NVDintel/lapac71h_firmware< acadl357.0059

🔴Vulnerability Details

2
CVEList
CVE-2022-37327: Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute El2023-05-10
GHSA
GHSA-j2pq-p3rg-f9qc: Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute El2023-05-10
CVE-2022-37327 — Improper Input Validation in Intel | cvebase