CVE-2022-36372
11.08.2023, 03:15
Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.Enginsight
| Vendor | Product | Version |
|---|---|---|
| intel | nuc_8_compute_element_cm8i3cb4n_firmware | - |
| intel | nuc_8_compute_element_cm8i5cb8n_firmware | - |
| intel | nuc_8_compute_element_cm8i7cb8n_firmware | - |
| intel | nuc_8_compute_element_cm8ccb4r_firmware | - |
| intel | nuc_8_compute_element_cm8pcb4r_firmware | - |
| intel | nuc_pro_kit_nuc8i3pnb_firmware | - |
| intel | nuc_pro_kit_nuc8i3pnh_firmware | - |
| intel | nuc_pro_kit_nuc8i3pnk_firmware | - |
| intel | nuc_pro_board_nuc8i3pnb_firmware | - |
| intel | nuc_pro_board_nuc8i3pnh_firmware | - |
| intel | nuc_pro_board_nuc8i3pnk_firmware | - |
| intel | nuc_rugged_kit_nuc8cchb_firmware | - |
| intel | nuc_rugged_kit_nuc8cchbn_firmware | - |
| intel | nuc_rugged_kit_nuc8cchkrn_firmware | - |
| intel | nuc_rugged_kit_nuc8cchkr_firmware | - |
| intel | nuc_pro_compute_element_nuc9v7qnb_firmware | - |
| intel | nuc_pro_compute_element_nuc9v7qnx_firmware | - |
| intel | nuc_pro_compute_element_nuc9vxqnb_firmware | - |
| intel | nuc_pro_compute_element_nuc9vxqnx_firmware | - |
| intel | nuc_business_nuc8i7hnkqc_firmware | - |
| intel | nuc_business_nuc8i7hvkva_firmware | - |
| intel | nuc_business_nuc8i7hvkvaw_firmware | - |
| intel | nuc_business_nuc8i7hvk_firmware | - |
| intel | nuc_business_nuc8i7hnk_firmware | - |
| intel | nuc_enthusiast_nuc8i7hnkqc_firmware | - |
| intel | nuc_enthusiast_nuc8i7hvkva_firmware | - |
| intel | nuc_enthusiast_nuc8i7hvkvaw_firmware | - |
| intel | nuc_enthusiast_nuc8i7hvk_firmware | - |
| intel | nuc_enthusiast_nuc8i7hnk_firmware | - |
| intel | nuc_kit_nuc8i7hnkqc_firmware | - |
| intel | nuc_kit_nuc8i7hvkva_firmware | - |
| intel | nuc_kit_nuc8i7hvkvaw_firmware | - |
| intel | nuc_kit_nuc8i7hvk_firmware | - |
| intel | nuc_kit_nuc8i7hnk_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-92 - DEPRECATED: Improper Sanitization of Custom Special CharactersThis entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.