CVE-2022-36372 - OpenCVE

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Intel	Nuc 8 Compute Element Cm8ccb4r Firmware Nuc Pro Kit Nuc8i3pnb Nuc Pro Kit Nuc8i3pnk Firmware Nuc Rugged Kit Nuc8cchbn Nuc 8 Compute Element Cm8i5cb8n Nuc Pro Board Nuc8i3pnh Nuc Pro Compute Element Nuc9v7qnx Firmware Nuc Pro Compute Element Nuc9v7qnx Nuc Pro Compute Element Nuc9vxqnb Nuc Enthusiast Nuc8i7hvkvaw Firmware Nuc Kit Nuc8i7hnk Firmware Nuc Kit Nuc8i7hvkvaw Nuc Pro Kit Nuc8i3pnh Nuc Pro Board Nuc8i3pnb Firmware Nuc Business Nuc8i7hvk Firmware Nuc Pro Board Nuc8i3pnk Firmware Nuc Pro Board Nuc8i3pnb Nuc 8 Compute Element Cm8i5cb8n Firmware Nuc Kit Nuc8i7hvk Firmware Nuc Enthusiast Nuc8i7hvkva Firmware Nuc Enthusiast Nuc8i7hvk Nuc Rugged Kit Nuc8cchkr Firmware Nuc Rugged Kit Nuc8cchb Nuc Kit Nuc8i7hvkva Firmware Nuc Pro Compute Element Nuc9vxqnx Nuc Pro Board Nuc8i3pnh Firmware Nuc Pro Compute Element Nuc9vxqnx Firmware Nuc Enthusiast Nuc8i7hnkqc Firmware Nuc Business Nuc8i7hvkvaw Firmware Nuc Enthusiast Nuc8i7hnk Nuc Kit Nuc8i7hvkvaw Firmware Nuc Kit Nuc8i7hnk Nuc Kit Nuc8i7hnkqc Nuc Pro Compute Element Nuc9v7qnb Nuc Business Nuc8i7hvkva Firmware Nuc Enthusiast Nuc8i7hnk Firmware Nuc Pro Compute Element Nuc9vxqnb Firmware Nuc Pro Kit Nuc8i3pnk Nuc Rugged Kit Nuc8cchb Firmware Nuc 8 Compute Element Cm8ccb4r Nuc 8 Compute Element Cm8i3cb4n Nuc Rugged Kit Nuc8cchbn Firmware Nuc Pro Board Nuc8i3pnk Nuc 8 Compute Element Cm8i7cb8n Firmware Nuc Enthusiast Nuc8i7hvkva Nuc Business Nuc8i7hvkva Nuc Business Nuc8i7hnkqc Firmware Nuc Business Nuc8i7hnk Nuc Kit Nuc8i7hvkva Nuc Pro Kit Nuc8i3pnh Firmware Nuc Pro Kit Nuc8i3pnb Firmware Nuc Business Nuc8i7hnkqc Nuc Kit Nuc8i7hvk Nuc Enthusiast Nuc8i7hvk Firmware Nuc Kit Nuc8i7hnkqc Firmware Nuc 8 Compute Element Cm8pcb4r Nuc Pro Compute Element Nuc9v7qnb Firmware Nuc Business Nuc8i7hvkvaw Nuc Business Nuc8i7hvk Nuc Rugged Kit Nuc8cchkr Nuc Business Nuc8i7hnk Firmware Nuc Rugged Kit Nuc8cchkrn Nuc 8 Compute Element Cm8i3cb4n Firmware Nuc Enthusiast Nuc8i7hnkqc Nuc Enthusiast Nuc8i7hvkvaw Nuc 8 Compute Element Cm8i7cb8n Nuc Rugged Kit Nuc8cchkrn Firmware Nuc 8 Compute Element Cm8pcb4r Firmware

Configuration 1 [-]

AND

cpe:2.3:o:intel:nuc_8_compute_element_cm8i3cb4n_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_8_compute_element_cm8i3cb4n:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:intel:nuc_8_compute_element_cm8i5cb8n_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_8_compute_element_cm8i5cb8n:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:intel:nuc_8_compute_element_cm8i7cb8n_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_8_compute_element_cm8i7cb8n:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:intel:nuc_8_compute_element_cm8ccb4r_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_8_compute_element_cm8ccb4r:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:intel:nuc_8_compute_element_cm8pcb4r_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_8_compute_element_cm8pcb4r:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnb:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:intel:nuc_pro_kit_nuc8i3pnk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnh_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnh:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:intel:nuc_pro_board_nuc8i3pnk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_board_nuc8i3pnk:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchb:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchbn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchbn:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkrn_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkrn:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:intel:nuc_pro_compute_element_nuc9v7qnb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_compute_element_nuc9v7qnb:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:intel:nuc_pro_compute_element_nuc9v7qnx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_compute_element_nuc9v7qnx:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:intel:nuc_pro_compute_element_nuc9vxqnb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_compute_element_nuc9vxqnb:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:intel:nuc_pro_compute_element_nuc9vxqnx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_pro_compute_element_nuc9vxqnx:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:intel:nuc_business_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_business_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:intel:nuc_business_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_business_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:intel:nuc_business_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_business_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:intel:nuc_business_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_business_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:intel:nuc_business_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_business_nuc8i7hnk:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:intel:nuc_enthusiast_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_enthusiast_nuc8i7hnk:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:intel:nuc_kit_nuc8i7hnkqc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_kit_nuc8i7hnkqc:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:intel:nuc_kit_nuc8i7hvkva_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_kit_nuc8i7hvkva:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:intel:nuc_kit_nuc8i7hvkvaw_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_kit_nuc8i7hvkvaw:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:intel:nuc_kit_nuc8i7hvk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_kit_nuc8i7hvk:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:intel:nuc_kit_nuc8i7hnk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: intel

Published: 2023-08-11T02:37:29.052Z

Updated: 2023-08-11T02:37:29.052Z

Reserved: 2022-07-22T03:00:26.783Z

Link: CVE-2022-36372

JSON object: View

NVD Information

Status : Modified

Published: 2023-08-11T03:15:13.040

Modified: 2023-11-07T03:49:36.840

Link: CVE-2022-36372

JSON object: View

Redhat Information

No data.

CWE