Search criteria
3 vulnerabilities found for nuc8i5inh_firmware by intel
FKIE_CVE-2022-28699
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 06:57
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F92166-04EA-490D-984D-F26AFBBAC7A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD537400-953F-495C-B041-495884AC38C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchbn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E334171-B7BE-4F9A-89FC-116A3795DDB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchbn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B79A51E-4EBB-4195-BC08-8D7ACF5FC1AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchkrn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9F00DA-9890-4D56-9863-2A5D9A43C2AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchkrn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B686CB-E81E-49FB-810B-9931D24ADC3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8cchkr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D99588F-8B42-4C02-B7EC-D2C93DDDBA07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8cchkr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE6C67B-D982-47B5-9F63-649EC4D50BD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F17412-F144-4612-841B-3FDF98F9A067",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hnkqc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00149C0A-A05B-40D3-8DFD-0867B2A71436",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6809B350-9EE2-49F8-B0B4-147B52187B3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvkva:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81544988-95CC-4CCF-938C-27A3DA94C479",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74757B2E-0633-4E7C-BF5E-F9655F5E387B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvkvaw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53EC7FA-8BB8-4021-9B56-75B2CCD4F2E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hvk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "052F6AAA-9020-4CC6-A0B0-DB9FA3D204DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hvk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA600CE0-C6A5-4844-B8A4-17CA897060BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7hnk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA05987-622B-4EB0-84B3-3C1361E67CD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7hnk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57B1FC17-80E8-432B-8757-9522D6433800",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:stk2mv64cc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1355BA7-702D-499C-B147-1E4FC84153C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497CA1C-A3CA-4CC4-8192-69DF58630575",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65610A9F-FF96-45B5-9E7C-E371C62B1572",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7F3EBD-45B3-4F7C-9F5E-50418AAFB538",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFEEE42-9380-4D4B-ACC2-86A1C2060390",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7883EA-D255-4611-A14B-2122A5873747",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0DCFC-B952-4703-82D4-0F8600FF6B15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A71B8FF-405E-42DE-B57C-E8063F3B6D0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE72942-A804-40D7-9929-26117870D2F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DD1BAD-7E7A-41D0-8559-00C9F36C55BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "956673CA-14A2-4B18-89DF-096576DFE44A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "458E0FF7-D70D-4B28-875F-22E485E69339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "230D51C3-D9DC-42B8-93DA-7D961C9373A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64DA446C-B6D3-44AA-A5DE-ADDB6D879010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i3cysn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D17035-DDF9-476D-86A3-92DA9F3D7A23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i3cysn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A0EF5E-FE9B-4CE7-93E3-A6D7EF7AFBB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D20BBDE-2952-4C35-83D6-E21E60C7AAD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2100AC82-E3E1-495D-9252-AA69D04405A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F2-8CA7-4731-80B1-C9530ACC90F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42F0F0B6-D0BE-4B8D-BF9E-B64DA3F96550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i7inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D20BBDE-2952-4C35-83D6-E21E60C7AAD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i7inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2100AC82-E3E1-495D-9252-AA69D04405A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc8i5inh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F2-8CA7-4731-80B1-C9530ACC90F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc8i5inh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42F0F0B6-D0BE-4B8D-BF9E-B64DA3F96550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysamn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65610A9F-FF96-45B5-9E7C-E371C62B1572",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysamn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7F3EBD-45B3-4F7C-9F5E-50418AAFB538",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjysal_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFEEE42-9380-4D4B-ACC2-86A1C2060390",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjysal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7883EA-D255-4611-A14B-2122A5873747",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0DCFC-B952-4703-82D4-0F8600FF6B15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A71B8FF-405E-42DE-B57C-E8063F3B6D0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyhn_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE72942-A804-40D7-9929-26117870D2F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyhn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DD1BAD-7E7A-41D0-8559-00C9F36C55BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7pjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "956673CA-14A2-4B18-89DF-096576DFE44A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7pjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "458E0FF7-D70D-4B28-875F-22E485E69339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:nuc7cjyh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "230D51C3-D9DC-42B8-93DA-7D961C9373A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:nuc7cjyh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64DA446C-B6D3-44AA-A5DE-ADDB6D879010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2022-28699",
"lastModified": "2024-11-21T06:57:45.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:11.267",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-28699 (GCVE-0-2022-28699)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:09
VLAI?
Summary
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC BIOS firmware |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:28:30.890717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:09:29.351Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:46.127Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28699",
"datePublished": "2023-05-10T13:16:46.127Z",
"dateReserved": "2022-06-09T05:41:11.430Z",
"dateUpdated": "2025-01-27T18:09:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28699 (GCVE-0-2022-28699)
Vulnerability from nvd – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:09
VLAI?
Summary
Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.5 (High)
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC BIOS firmware |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:28:30.890717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:09:29.351Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC BIOS firmware",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:46.127Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28699",
"datePublished": "2023-05-10T13:16:46.127Z",
"dateReserved": "2022-06-09T05:41:11.430Z",
"dateUpdated": "2025-01-27T18:09:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}