← Back

CVE-2023-38587

nvd nist
Published: Jan 19, 2024Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Affected (13)

Intel
13 products
Nuc 8 Home Nuc8i3behfa Firmware
Nuc 8 Home Nuc8i5behfa Firmware
Nuc 8 Home Nuc8i5bekpa Firmware
Nuc 8 Enthusiast Nuc8i7behga Firmware
Nuc 8 Enthusiast Nuc8i7bekqa Firmware
Nuc Kit Nuc8i3beh Firmware
Nuc Kit Nuc8i3bek Firmware
Nuc Kit Nuc8i5beh Firmware
Nuc Kit Nuc8i5bek Firmware
Nuc Kit Nuc8i7beh Firmware
Nuc Kit Nuc8i3behs Firmware
Nuc Kit Nuc8i5behs Firmware
Nuc Kit Nuc8i7bek Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 8 Home Nuc8i3behfa Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc 8 Home Nuc8i3behfa
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 8 Home Nuc8i5behfa Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc 8 Home Nuc8i5behfa
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 8 Home Nuc8i5bekpa Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc 8 Home Nuc8i5bekpa
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 8 Enthusiast Nuc8i7behga Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc 8 Enthusiast Nuc8i7behga
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 8 Enthusiast Nuc8i7bekqa Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc 8 Enthusiast Nuc8i7bekqa
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i3beh Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i3beh
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i3bek Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i3bek
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i5beh Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i5beh
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i5bek Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i5bek
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i7beh Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i7beh
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i3behs Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i3behs
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i5behs Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i5behs
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc8i7bek Firmware
Version becfl357.0095
Running on/withPlatform Versions
Intel
Nuc Kit Nuc8i7bek
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: secure@intel.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.