Vulnerability Description
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Nuc Board Nuc5I3Mybe Firmware | < myi30060 |
| Intel | Nuc Board Nuc5I3Mybe | - |
| Intel | Nuc Kit Nuc5I3Myhe Firmware | < myi30060 |
| Intel | Nuc Kit Nuc5I3Myhe | - |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.PatchVendor Advisory
FAQ
What is CVE-2022-36349?
CVE-2022-36349 is a vulnerability with a CVSS score of 5.2 (MEDIUM). Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of ser...
How severe is CVE-2022-36349?
CVE-2022-36349 has been rated MEDIUM with a CVSS base score of 5.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-36349?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc Board Nuc5I3Mybe Firmware, Intel Nuc Board Nuc5I3Mybe, Intel Nuc Kit Nuc5I3Myhe Firmware, Intel Nuc Kit Nuc5I3Myhe.