CVE-2022-33176: Input Validation
First published: Fri Nov 11 2022(Updated: )
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel NUC 11 Performance Kit NUC11PAHi3 | <patgl357.0042 | |
| Intel NUC 11 Performance Kit | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHI50Z Firmware | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi70Z Firmware | ||
| Intel NUC 11 Performance Kit NUC11PAHi3 | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi3 Firmware | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11TNHi5 | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi7 Firmware | ||
| Intel NUC 11 Performance Kit NUC11PAKi3 | <patgl357.0042 | |
| Intel NUC 11 Pro Kit NUC11PAKi3 | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAKI5 Firmware | ||
| Intel NUC 11 Performance Kit NUC11PAKI7 | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC NUC11PAKI7 | ||
| Intel NUC 11 Performance Mini PC (NUC11BTMi9) | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC NUC11PAQI50WA Firmware | ||
| Intel NUC 11 Performance Kit NUC11PAQi7 | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC | ||
| All of | ||
| Intel NUC 11 Performance Kit NUC11PAHi3 | <patgl357.0042 | |
| Intel NUC 11 Performance Kit | ||
| All of | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHI50Z Firmware | ||
| All of | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi70Z Firmware | ||
| All of | ||
| Intel NUC 11 Performance Kit NUC11PAHi3 | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi3 Firmware | ||
| All of | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11TNHi5 | ||
| All of | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAHi7 Firmware | ||
| All of | ||
| Intel NUC 11 Performance Kit NUC11PAKi3 | <patgl357.0042 | |
| Intel NUC 11 Pro Kit NUC11PAKi3 | ||
| All of | ||
| Intel NUC 11 Performance (Tiger Lake) Firmware | <patgl357.0042 | |
| Intel NUC 11 Performance Kit NUC11PAKI5 Firmware | ||
| All of | ||
| Intel NUC 11 Performance Kit NUC11PAKI7 | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC NUC11PAKI7 | ||
| All of | ||
| Intel NUC 11 Performance Mini PC (NUC11BTMi9) | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC NUC11PAQI50WA Firmware | ||
| All of | ||
| Intel NUC 11 Performance Kit NUC11PAQi7 | <patgl357.0042 | |
| Intel NUC 11 Performance Mini PC |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-33176?
CVE-2022-33176 is a vulnerability in the BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs.
What is the severity of CVE-2022-33176?
CVE-2022-33176 has a severity value of 6.7, which is considered high.
How does CVE-2022-33176 affect the affected software?
CVE-2022-33176 may allow a privileged user to potentially enable escalation of privilege via local access.
How can I fix CVE-2022-33176?
To fix CVE-2022-33176, update the BIOS firmware for the affected Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs to version PATGL357.0042 or newer.
Where can I find more information about CVE-2022-33176?
More information about CVE-2022-33176 can be found at the Intel Security Center advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html
- agent/type
- agent/references
- agent/remedy
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/tags
- agent/event
- agent/softwarecombine
- vendor/intel
- canonical/intel nuc 11 performance kit nuc11pahi3
- canonical/intel nuc 11 performance kit
- canonical/intel nuc 11 performance (tiger lake) firmware
- canonical/intel nuc 11 performance kit nuc11pahi50z firmware
- canonical/intel nuc 11 performance kit nuc11pahi70z firmware
- canonical/intel nuc 11 performance kit nuc11pahi3 firmware
- canonical/intel nuc 11 performance kit nuc11tnhi5
- canonical/intel nuc 11 performance kit nuc11pahi7 firmware
- canonical/intel nuc 11 performance kit nuc11paki3
- canonical/intel nuc 11 pro kit nuc11paki3
- canonical/intel nuc 11 performance kit nuc11paki5 firmware
- canonical/intel nuc 11 performance kit nuc11paki7
- canonical/intel nuc 11 performance mini pc nuc11paki7
- canonical/intel nuc 11 performance mini pc (nuc11btmi9)
- canonical/intel nuc 11 performance mini pc nuc11paqi50wa firmware
- canonical/intel nuc 11 performance kit nuc11paqi7
- canonical/intel nuc 11 performance mini pc