1. Home
  2. CVE Database
  3. CVE-2023-40540
MEDIUM · 4.1

CVE-2023-40540

Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

Vulnerability Description

Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

CVSS Score

4.1

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IntelNuc 11 Pro Kit Nuc11Tnkv50Z Firmware-
IntelNuc 11 Pro Kit Nuc11Tnkv50Z-
IntelNuc 11 Pro Kit Nuc11Tnhv70L Firmware-
IntelNuc 11 Pro Kit Nuc11Tnhv70L-
IntelNuc 11 Pro Kit Nuc11Tnhv50L Firmware-
IntelNuc 11 Pro Kit Nuc11Tnhv50L-
IntelNuc 11 Pro Board Nuc11Tnbv7 Firmware-
IntelNuc 11 Pro Board Nuc11Tnbv7-
IntelNuc 11 Pro Kit Nuc11Tnkv5 Firmware-
IntelNuc 11 Pro Kit Nuc11Tnkv5-
IntelNuc 11 Pro Kit Nuc11Tnkv7 Firmware-
IntelNuc 11 Pro Kit Nuc11Tnkv7-
IntelNuc 11 Pro Kit Nuc11Tnhv5 Firmware-
IntelNuc 11 Pro Kit Nuc11Tnhv5-
IntelNuc 11 Pro Mini Pc Nuc11Tnkv5 Firmware-
IntelNuc 11 Pro Mini Pc Nuc11Tnkv5-
IntelNuc 11 Pro Mini Pc Nuc11Tnkv7 Firmware-
IntelNuc 11 Pro Mini Pc Nuc11Tnkv7-
IntelNuc 11 Pro Kit Nuc11Tnhv7 Firmware-
IntelNuc 11 Pro Kit Nuc11Tnhv7-

Related Weaknesses (CWE)

CWE-1303

References

FAQ

What is CVE-2023-40540?

CVE-2023-40540 is a vulnerability with a CVSS score of 4.1 (MEDIUM). Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.

How severe is CVE-2023-40540?

CVE-2023-40540 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-40540?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Nuc 11 Pro Kit Nuc11Tnkv50Z Firmware, Intel Nuc 11 Pro Kit Nuc11Tnkv50Z, Intel Nuc 11 Pro Kit Nuc11Tnhv70L Firmware, Intel Nuc 11 Pro Kit Nuc11Tnhv70L, Intel Nuc 11 Pro Kit Nuc11Tnhv50L Firmware.