CVE-2023-28377

Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:*
OR cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:54

Type Values Removed Values Added
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - Vendor Advisory
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 6.7

20 Nov 2023, 20:49

Type Values Removed Values Added
CWE CWE-287
CPE cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
First Time Intel nuc 11 Enthusiast Mini Pc Nuc11phki7caa
Intel nuc 11 Enthusiast Kit Nuc11phki7c
Intel usb Firmware
Intel

14 Nov 2023, 19:30

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-14 19:15

Updated : 2024-11-21 07:54


NVD link : CVE-2023-28377

Mitre link : CVE-2023-28377

CVE.ORG link : CVE-2023-28377


JSON object : View

Products Affected

intel

  • nuc_11_enthusiast_mini_pc_nuc11phki7caa
  • usb_firmware
  • nuc_11_enthusiast_kit_nuc11phki7c
CWE
CWE-287

Improper Authentication