{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-29500", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2023-04-13T03:00:03.850Z", "datePublished": "2023-08-11T02:37:20.297Z", "dateUpdated": "2023-08-11T02:37:20.297Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2023-08-11T02:37:20.297Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "information disclosure"}, {"lang": "en", "description": "Exposure of sensitive information to an unauthorized actor", "cweId": "CWE-200", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) NUCs", "versions": [{"version": "See references", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access."}], "references": [{"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi70z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "59AE540D-F5E3-49CD-B4DE-A430488F7B2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi70z:-:*:*:*:*:*:*:*", "matchCriteriaId": "83F1BB2C-00A9-44DE-ADE2-C910E12AC664", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi50z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "505B638A-F333-470E-B810-33FC3F4F40AE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi50z:-:*:*:*:*:*:*:*", "matchCriteriaId": "45F55CB5-5E7C-460F-8B49-F2BA47102884", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi30z_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8604BD6-E589-4917-A572-56208C42A082", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi30z:-:*:*:*:*:*:*:*", "matchCriteriaId": "8756CBA9-24C8-49E0-8622-95E25DAB64AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DDB0B56-E7F9-4C36-B010-865F1A8363F0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi3:-:*:*:*:*:*:*:*", "matchCriteriaId": "53358E28-1529-478C-A1DC-39F05250C749", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "649AEF04-A296-48B6-9B97-2566039808A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi5:-:*:*:*:*:*:*:*", "matchCriteriaId": "625FA81A-2E10-4910-8310-27C9577AB8D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "99A8EAEB-EBDA-41F9-94AC-EA2F3B6DFD93", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi7:-:*:*:*:*:*:*:*", "matchCriteriaId": "15EA0B24-5433-4188-82A4-3019247C3AE4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED113CB5-0FB5-4C6D-A515-C23EBB406987", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki3:-:*:*:*:*:*:*:*", "matchCriteriaId": "20B7156E-602E-4335-A0B2-A1E679194E54", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki5_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "764465AB-C78E-4AE0-B4C1-2D9DB51DD692", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki5:-:*:*:*:*:*:*:*", "matchCriteriaId": "46277E03-FB58-4FDB-834D-50E46D634800", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BAE0B70-2541-4EF2-8A9E-8E46B1D917AB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki7:-:*:*:*:*:*:*:*", "matchCriteriaId": "044D872A-7C4D-45C8-9B81-B40D1B05A5A5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi50wa_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD5CE18A-073A-4B39-AD43-56657EBDD9C2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi50wa:-:*:*:*:*:*:*:*", "matchCriteriaId": "71878455-5816-4C4E-9595-B44DCFAAB80C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi70qa_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FC4813F-A447-4558-96E1-0641036F3D4A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi70qa:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B23996D-1C22-42DF-8752-E5490D34AD64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access."}], "id": "CVE-2023-29500", "lastModified": "2023-11-07T04:11:20.293", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 4.0, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2023-08-11T03:15:31.163", "references": [{"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "secure@intel.com", "type": "Secondary"}]}

{}