← Back

CVE-2023-42429

nvd nist
Published: Jan 19, 2024Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Affected (6)

Intel
6 products
Nuc 7 Essential Pc Nuc7cjysal Firmware
Nuc 7 Essential Nuc7cjysamn Firmware
Nuc Kit Nuc7cjyhn Firmware
Nuc Kit Nuc7cjyh Firmware
Nuc Kit Nuc7pjyhn Firmware
Nuc Kit Nuc7pjyh Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 7 Essential Pc Nuc7cjysal Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc 7 Essential Nuc7cjysal
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc 7 Essential Nuc7cjysamn Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc 7 Essential Nuc7cjysamn
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc7cjyhn Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc Kit Nuc7cjyhn
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc7cjyh Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc Kit Nuc7cjyh
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc7pjyhn Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc Kit Nuc7pjyhn
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nuc Kit Nuc7pjyh Firmware
Version jyglkcpx.0071
Running on/withPlatform Versions
Intel
Nuc Kit Nuc7pjyh
All versions

Related CWEs

CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.

References (2)

Source: secure@intel.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.