Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Nov 2023, 20:49
Type | Values Removed | Values Added |
---|---|---|
First Time |
Intel nuc 11 Enthusiast Mini Pc Nuc11phki7caa
Intel nuc 11 Enthusiast Kit Nuc11phki7c Intel usb Firmware Intel |
|
CPE | cpe:2.3:o:intel:usb_firmware:*:*:*:*:*:windows:*:* cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:* cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html - Vendor Advisory | |
CWE | CWE-287 |
14 Nov 2023, 19:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-14 19:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-28377
Mitre link : CVE-2023-28377
CVE.ORG link : CVE-2023-28377
JSON object : View
Products Affected
intel
- nuc_11_enthusiast_mini_pc_nuc11phki7caa
- usb_firmware
- nuc_11_enthusiast_kit_nuc11phki7c
CWE
CWE-287
Improper Authentication