1. Home
  2. CVE Database
  3. CVE-2023-29500
MEDIUM · 5.3

CVE-2023-29500

Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access.

Vulnerability Description

Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelNuc 11 Performance Kit Nuc11Pahi70Z Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi70Z-
IntelNuc 11 Performance Kit Nuc11Pahi50Z Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi50Z-
IntelNuc 11 Performance Kit Nuc11Pahi30Z Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi30Z-
IntelNuc 11 Performance Kit Nuc11Pahi3 Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi3-
IntelNuc 11 Performance Kit Nuc11Pahi5 Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi5-
IntelNuc 11 Performance Kit Nuc11Pahi7 Firmware-
IntelNuc 11 Performance Kit Nuc11Pahi7-
IntelNuc 11 Performance Kit Nuc11Paki3 Firmware-
IntelNuc 11 Performance Kit Nuc11Paki3-
IntelNuc 11 Performance Kit Nuc11Paki5 Firmware-
IntelNuc 11 Performance Kit Nuc11Paki5-
IntelNuc 11 Performance Kit Nuc11Paki7 Firmware-
IntelNuc 11 Performance Kit Nuc11Paki7-
IntelNuc 11 Performance Mini Pc Nuc11Paqi50Wa Firmware-
IntelNuc 11 Performance Mini Pc Nuc11Paqi50Wa-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2023-29500?

CVE-2023-29500 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Exposure of sensitive information to an unauthorized actor in BIOS firmware for some Intel(R) NUCs may allow a privilege user to potentially enable information disclosure via local access.

How severe is CVE-2023-29500?

CVE-2023-29500 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-29500?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc 11 Performance Kit Nuc11Pahi70Z Firmware, Intel Nuc 11 Performance Kit Nuc11Pahi70Z, Intel Nuc 11 Performance Kit Nuc11Pahi50Z Firmware, Intel Nuc 11 Performance Kit Nuc11Pahi50Z, Intel Nuc 11 Performance Kit Nuc11Pahi30Z Firmware.