CVE-2023-42429
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Las restricciones inadecuadas del búfer en algunos firmware del BIOS Intel NUC pueden permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-09-14 CVE Reserved
- 2024-01-19 CVE Published
- 2024-01-24 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01028.html | 2024-01-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Intel Search vendor "Intel" | Nuc 7 Essential Pc Nuc7cjysal Firmware Search vendor "Intel" for product "Nuc 7 Essential Pc Nuc7cjysal Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc 7 Essential Pc Nuc7cjysal Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc 7 Essential Nuc7cjysal Search vendor "Intel" for product "Nuc 7 Essential Nuc7cjysal" | - | - |
Safe
|
| Intel Search vendor "Intel" | Nuc 7 Essential Nuc7cjysamn Firmware Search vendor "Intel" for product "Nuc 7 Essential Nuc7cjysamn Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc 7 Essential Nuc7cjysamn Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc 7 Essential Nuc7cjysamn Search vendor "Intel" for product "Nuc 7 Essential Nuc7cjysamn" | - | - |
Safe
|
| Intel Search vendor "Intel" | Nuc Kit Nuc7cjyhn Firmware Search vendor "Intel" for product "Nuc Kit Nuc7cjyhn Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc Kit Nuc7cjyhn Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc Kit Nuc7cjyhn Search vendor "Intel" for product "Nuc Kit Nuc7cjyhn" | - | - |
Safe
|
| Intel Search vendor "Intel" | Nuc Kit Nuc7cjyh Firmware Search vendor "Intel" for product "Nuc Kit Nuc7cjyh Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc Kit Nuc7cjyh Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc Kit Nuc7cjyh Search vendor "Intel" for product "Nuc Kit Nuc7cjyh" | - | - |
Safe
|
| Intel Search vendor "Intel" | Nuc Kit Nuc7pjyhn Firmware Search vendor "Intel" for product "Nuc Kit Nuc7pjyhn Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc Kit Nuc7pjyhn Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc Kit Nuc7pjyhn Search vendor "Intel" for product "Nuc Kit Nuc7pjyhn" | - | - |
Safe
|
| Intel Search vendor "Intel" | Nuc Kit Nuc7pjyh Firmware Search vendor "Intel" for product "Nuc Kit Nuc7pjyh Firmware" | jyglkcpx.0071 Search vendor "Intel" for product "Nuc Kit Nuc7pjyh Firmware" and version "jyglkcpx.0071" | - |
Affected
| in | Intel Search vendor "Intel" | Nuc Kit Nuc7pjyh Search vendor "Intel" for product "Nuc Kit Nuc7pjyh" | - | - |
Safe
|