CVE-2023-40220

Published: Nov 14, 2023Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.8 / Impact: 3.6

Source: NVD

Description

Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

Affected (2)

Products: Intel: Nuc6cayh Firmware, Nuc6cays Firmware

Intel

2 products

Nuc6cayh Firmware

Nuc6cays Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Nuc6cayh Firmware	Before ayaplcel.86a.0076

Running on/with	Platform Versions
Intel Nuc6cayh	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intel Nuc6cays Firmware	Before ayaplcel.86a.0076

Running on/with	Platform Versions
Intel Nuc6cays	All versions

Related CWEs

CWE-92

DEPRECATED: Improper Sanitization of Custom Special Characters

This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.

References (2)

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html

Source: secure@intel.com

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.