CVE-2023-28377

Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:*
OR cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*

History

20 Nov 2023, 20:49

Type Values Removed Values Added
First Time Intel nuc 11 Enthusiast Mini Pc Nuc11phki7caa
Intel nuc 11 Enthusiast Kit Nuc11phki7c
Intel usb Firmware
Intel
CPE cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - Vendor Advisory
CWE CWE-287

14 Nov 2023, 19:30

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-14 19:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-28377

Mitre link : CVE-2023-28377

CVE.ORG link : CVE-2023-28377


JSON object : View

Products Affected

intel

  • nuc_11_enthusiast_mini_pc_nuc11phki7caa
  • usb_firmware
  • nuc_11_enthusiast_kit_nuc11phki7c
CWE
CWE-287

Improper Authentication