- 08/2024
- High
Intel has released security updates to address several vulnerabilities in multiple Intel products
The severity of the addressed vulnerabilities could allow the local authenticated attacker to gain elevated privileges or perform denial-of-service attacks on the affected products.
Samples of the addressed vulnerabilities:
1. Intel NUC BIOS Firmware Privilege Escalation (CVE-2023-42429):
- CVSS: 7.5
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: High
- User Interaction: None
- Consequences: Gain Privileges
2. Intel NUC Pro Software Suite Configuration Tool Denial of Service (CVE-2023- 32272):
- CVSS: 7.9
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: Required
- Consequences: Denial of service
Sample of the affected products:
- Intel NUC Pro Software Suite Configuration Tool.
- Intel NUC 7 Essential.
- Intel NUC 8 Mainstream-G kit.
- Intel HID Event Filter.
- Intel NUC 8 Compute Element.
- Intel NUC 8 Home.
- Intel HotKey Services.
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.