#VU79572 Input validation error in Intel products - CVE-2023-29494

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU79572

#VU79572 Input validation error in Intel products - CVE-2023-29494

Published: August 16, 2023


Vulnerability identifier: #VU79572
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-29494
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
Intel NUC 11 Pro Kit NUC11TNHi70Z
Intel NUC 11 Pro Kit NUC11TNKi70Z
Intel NUC 11 Pro Kit NUC11TNKi30Z
Intel NUC 11 Pro Kit NUC11TNHi30Z
Intel NUC 11 Pro Kit NUC11TNKi50Z
Intel NUC 11 Pro Kit NUC11TNHi50Z
Intel NUC 11 Pro Board NUC11TNBi30Z
Intel NUC 11 Pro Board NUC11TNBi50Z
Intel NUC 11 Pro Board NUC11TNBi70Z
Intel NUC 11 Pro Kit NUC11TNHi3
Intel NUC 11 Pro Kit NUC11TNHi5
Intel NUC 11 Pro Kit NUC11TNHi7
Intel NUC 11 Pro Kit NUC11TNKi3
Intel NUC 11 Pro Kit NUC11TNKi5
Intel NUC 11 Pro Kit NUC11TNKi7
Intel NUC 11 Pro Board NUC11TNBi3
Intel NUC 11 Pro Board NUC11TNBi5
Intel NUC 11 Pro Board NUC11TNBi7
Intel NUC 11 Pro Kit NUC11TNHi50W
Intel NUC 11 Pro Kit NUC11TNHi50L
Intel NUC 11 Pro Kit NUC11TNHi30L
Intel NUC 11 Pro Kit NUC11TNHi70Q
Intel NUC 11 Pro Kit NUC11TNHi30P
Intel NUC 11 Pro Kit NUC11TNHi70L
Software vendor:
Intel

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can execute arbitrary code with elevated privileges.


Remediation

Install updates from vendor's website.

External links