Vulnerability Description
Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Nuc 8 Compute Element Cm8I7Cb Firmware | < cbwhl357.0096 |
| Intel | Nuc 8 Compute Element Cm8I7Cb | - |
| Intel | Nuc 8 Compute Element Cm8I3Cb Firmware | < cbwhl357.0096 |
| Intel | Nuc 8 Compute Element Cm8I3Cb | - |
| Intel | Nuc 8 Compute Element Cm8Ccb Firmware | < cbwhl357.0096 |
| Intel | Nuc 8 Compute Element Cm8Ccb | - |
| Intel | Nuc 8 Compute Element Cm8I5Cb Firmware | < cbwhl357.0096 |
| Intel | Nuc 8 Compute Element Cm8I5Cb | - |
| Intel | Nuc 8 Compute Element Cm8Pcb Firmware | < cbwhl357.0096 |
| Intel | Nuc 8 Compute Element Cm8Pcb | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.PatchVendor Advisory
FAQ
What is CVE-2022-35276?
CVE-2022-35276 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local acces...
How severe is CVE-2022-35276?
CVE-2022-35276 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-35276?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc 8 Compute Element Cm8I7Cb Firmware, Intel Nuc 8 Compute Element Cm8I7Cb, Intel Nuc 8 Compute Element Cm8I3Cb Firmware, Intel Nuc 8 Compute Element Cm8I3Cb, Intel Nuc 8 Compute Element Cm8Ccb Firmware.