#VU79574 Information disclosure in Intel products - CVE-2023-29500
Published: August 16, 2023
Vulnerability identifier: #VU79574
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-29500
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel NUC 11 Performance kit NUC11PAHi70Z
Intel NUC 11 Performance kit NUC11PAHi50Z
Intel NUC 11 Performance kit NUC11PAHi30Z
Intel NUC 11 Performance kit NUC11PAHi3
Intel NUC 11 Performance kit NUC11PAHi5
Intel NUC 11 Performance kit NUC11PAHi7
Intel NUC 11 Performance kit NUC11PAKi3
Intel NUC 11 Performance kit NUC11PAKi5
Intel NUC 11 Performance kit NUC11PAKi7
Intel NUC 11 Performance Mini PC NUC11PAQi50WA
Intel NUC 11 Performance Mini PC NUC11PAQi70QA
Intel NUC 11 Performance kit NUC11PAHi70Z
Intel NUC 11 Performance kit NUC11PAHi50Z
Intel NUC 11 Performance kit NUC11PAHi30Z
Intel NUC 11 Performance kit NUC11PAHi3
Intel NUC 11 Performance kit NUC11PAHi5
Intel NUC 11 Performance kit NUC11PAHi7
Intel NUC 11 Performance kit NUC11PAKi3
Intel NUC 11 Performance kit NUC11PAKi5
Intel NUC 11 Performance kit NUC11PAKi7
Intel NUC 11 Performance Mini PC NUC11PAQi50WA
Intel NUC 11 Performance Mini PC NUC11PAQi70QA
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in BIOS firmware. A local user can gain access to sensitive information.
Remediation
Install updates from vendor's website.