CVE-2022-28699 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
intel	CNA	7.5 HIGH	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Vendor	Product	Version
intel	nuc8cchb_firmware	-
intel	nuc8cchbn_firmware	-
intel	nuc8cchkrn_firmware	-
intel	nuc8cchkr_firmware	-
intel	nuc8i7hnkqc_firmware	-
intel	nuc8i7hvkva_firmware	-
intel	nuc8i7hvkvaw_firmware	-
intel	nuc8i7hvk_firmware	-
intel	nuc8i7hnk_firmware	-
intel	stk2mv64cc_firmware	-
intel	nuc7cjysamn_firmware	-
intel	nuc7cjysal_firmware	-
intel	nuc7cjyhn_firmware	-
intel	nuc7pjyhn_firmware	-
intel	nuc7pjyh_firmware	-
intel	nuc7cjyh_firmware	-
intel	nuc8i3cysn_firmware	-
intel	nuc8i7inh_firmware	-
intel	nuc8i5inh_firmware	-
intel	nuc8i7inh_firmware	-
intel	nuc8i5inh_firmware	-
intel	nuc7cjysamn_firmware	-
intel	nuc7cjysal_firmware	-
intel	nuc7cjyhn_firmware	-
intel	nuc7pjyhn_firmware	-
intel	nuc7pjyh_firmware	-
intel	nuc7cjyh_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html