CVE-2023-40220

CWE-923 documents3 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 81.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel Nuc6cayh FirmwareIntel Nuc6cays Firmware
Timeline
PublishedNov 14

Description

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:NExploitability: 0.8 | Impact: 4.0

Affected Packages3 packages

CVEListV5intel(r)_nuc_bios_firmwareSee references
NVDintel/nuc6cayh_firmware< ayaplcel.86a.0076
NVDintel/nuc6cays_firmware< ayaplcel.86a.0076

🔴Vulnerability Details

2
CVEList
CVE-2023-40220: Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local acc2023-11-14
GHSA
GHSA-xmm7-2j6p-p24v: Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local acc2023-11-14
CVE-2023-40220 (MEDIUM CVSS 4.4) | Improper buffer restrictions in som | cvebase.io