CVE-2022-35276
First published: Fri Nov 11 2022(Updated: )
Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel NUC 8 Compute Element CM8I7CB Firmware | <cbwhl357.0096 | |
| Intel NUC 8 compute element cm8i7cb | ||
| Intel CM8I3CB4N Firmware | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8I3CB Firmware | ||
| Intel NUC 8 Compute Element CM8CCB Firmware | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8CCB Firmware | ||
| Intel NUC 8 Compute Element CM8i5CB8N | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8i5CB | ||
| Intel CM8PCB4R | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8PCB | ||
| All of | ||
| Intel NUC 8 Compute Element CM8I7CB Firmware | <cbwhl357.0096 | |
| Intel NUC 8 compute element cm8i7cb | ||
| All of | ||
| Intel CM8I3CB4N Firmware | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8I3CB Firmware | ||
| All of | ||
| Intel NUC 8 Compute Element CM8CCB Firmware | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8CCB Firmware | ||
| All of | ||
| Intel NUC 8 Compute Element CM8i5CB8N | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8i5CB | ||
| All of | ||
| Intel CM8PCB4R | <cbwhl357.0096 | |
| Intel NUC 8 Compute Element CM8PCB |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-35276?
CVE-2022-35276 is a vulnerability in the BIOS firmware of certain Intel NUC 8 Compute Elements that allows a privileged user to potentially enable escalation of privilege via local access.
Which software versions are affected by CVE-2022-35276?
The affected software versions are Intel NUC 8 Compute Element Cm8i7cb Firmware before version CBWHL357.0096, Intel NUC 8 Compute Element Cm8i3cb Firmware before version CBWHL357.0096, Intel NUC 8 Compute Element Cm8ccb Firmware before version CBWHL357.0096, Intel NUC 8 Compute Element Cm8i5cb Firmware before version CBWHL357.0096, and Intel NUC 8 Compute Element Cm8pcb Firmware before version CBWHL357.0096.
How severe is CVE-2022-35276?
CVE-2022-35276 has a severity rating of high, with a CVSS severity score of 6.7.
How can the CVE-2022-35276 vulnerability be exploited?
The CVE-2022-35276 vulnerability can be exploited by a privileged user with local access to the affected BIOS firmware.
Is there a fix available for CVE-2022-35276?
Yes, updating the affected BIOS firmware to version CBWHL357.0096 or later will fix the CVE-2022-35276 vulnerability.
- agent/type
- agent/remedy
- agent/references
- agent/author
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/weakness
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/intel
- canonical/intel nuc 8 compute element cm8i7cb firmware
- canonical/intel nuc 8 compute element cm8i7cb
- canonical/intel cm8i3cb4n firmware
- canonical/intel nuc 8 compute element cm8i3cb firmware
- canonical/intel nuc 8 compute element cm8ccb firmware
- canonical/intel nuc 8 compute element cm8i5cb8n
- canonical/intel nuc 8 compute element cm8i5cb
- canonical/intel cm8pcb4r
- canonical/intel nuc 8 compute element cm8pcb