CVE-2023-22356

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Aug 11, 2023
Updated: Nov 7, 2023
CWE ID 665

Summary

CVE-2023-22356 is a vulnerability affecting certain Intel NUC BIOS firmware. The issue stems from improper initialization, which can potentially enable information disclosure for privileged users through local access. This means that an attacker with administrative privileges on the affected system could potentially gain unintended access to sensitive data. The exact nature of the information that could be disclosed is not clear, but the vulnerability poses a potential risk to the security of affected Intel NUC systems. It is recommended that users apply the available firmware updates to mitigate this vulnerability and protect their systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share