CVE-2023-22356

high-risk
Published 2023-08-11

Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.0/10 Medium
LOCAL / LOW complexity

Affected Products (20)

Nuc 7 Enthusiast Nuc7I7Bnkq Firmware
Nuc 7 Enthusiast Nuc7I7Bnhxg Firmware
Nuc Kit Nuc7I7Dnhe Firmware
Nuc Kit Nuc7I7Dnke Firmware
Nuc Board Nuc7I7Dnbe Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnh Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnhf Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnhfa Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnhja Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnhn Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnk Firmware
Nuc Performance Kit And Mini Pc Nuc10I3Fnkn Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnh Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnhca Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnhf Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnhja Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnhj Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnhn Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnk Firmware
Nuc Performance Kit And Mini Pc Nuc10I5Fnkn Firmware

Affected Vendors

Intel

References (2)

Patch http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.h...
Patch http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.h...
53
/ 100
high-risk
Severity 20/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 33/34 · Critical