CVE-2022-36339

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-36339
Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:cm8i3cb4n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm8i3cb4n:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:intel:cm8i5cb8n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm8i5cb8n:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:intel:cm8i7cb8n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm8i7cb8n:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:intel:cm8ccb4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm8ccb4r:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:intel:cm8pcb4r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm8pcb4r:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:intel:cm11ebi38w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm11ebi38w:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:intel:cm11ebi58w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm11ebi58w:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:intel:cm11ebi716w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm11ebi716w:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:intel:cm11ebc4w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:cm11ebc4w:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:intel:elm12hbi3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:elm12hbi3:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:intel:elm12hbi5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:elm12hbi5:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:intel:elm12hbi7_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:elm12hbi7:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:intel:elm12hbc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:elm12hbc:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-05-10 14:15

Updated : 2024-02-28 20:13

NVD link : CVE-2022-36339

Mitre link : CVE-2022-36339

CVE.ORG link : CVE-2022-36339

JSON object : View

Products Affected

intel

  • cm11ebi716w_firmware
  • elm12hbi5
  • cm8i7cb8n_firmware
  • cm8pcb4r
  • cm8i3cb4n
  • cm11ebi716w
  • cm8pcb4r_firmware
  • cm11ebi58w_firmware
  • cm11ebc4w
  • cm11ebc4w_firmware
  • cm11ebi38w_firmware
  • cm8ccb4r
  • elm12hbi3
  • cm11ebi38w
  • cm8i3cb4n_firmware
  • cm11ebi58w
  • elm12hbi7
  • cm8i7cb8n
  • elm12hbi3_firmware
  • cm8ccb4r_firmware
  • elm12hbi7_firmware
  • elm12hbc_firmware
  • cm8i5cb8n_firmware
  • elm12hbi5_firmware
  • cm8i5cb8n
  • elm12hbc
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation