Details of VAR-202308-2082

ID

VAR-202308-2082

CVE

CVE-2023-32285

TITLE

Vulnerabilities in multiple Intel products

Trust: 0.8

sources: JVNDB: JVNDB-2023-021922

DESCRIPTION

Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access. Intel NUC Kit NUC6CAYH firmware, Intel NUC Kit NUC6CAYS firmware, nuc mini pc nuc7i3bnhxf Multiple Intel products such as firmware have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-32285 // JVNDB: JVNDB-2023-021922 // VULMON: CVE-2023-32285

AFFECTED PRODUCTS

vendor:	intel	model:	nuc board nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc6cays	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	compute element stk2mv64cc	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc6cayh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	インテル	model:	nuc mini pc nuc7i7bnkq	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc kit nuc7i3bnhxf	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnk	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnhxf	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnhxg	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc kit nuc7i3bnk	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnhxf	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel nuc kit nuc6cayh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel nuc kit nuc6cays	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnkp	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnk	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-021922 // NVD: CVE-2023-32285

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-32285
value:	MEDIUM
Trust: 1.0
secure@intel.com:	CVE-2023-32285
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2023-32285
value:	MEDIUM
Trust: 0.8

nvd@nist.gov:	CVE-2023-32285
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	3.6
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2023-32285
baseSeverity:	MEDIUM
baseScore:	6.0
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2023-32285
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-021922 // NVD: CVE-2023-32285 // NVD: CVE-2023-32285

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-284	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-021922 // NVD: CVE-2023-32285

EXTERNAL IDS

db:	NVD	id:	CVE-2023-32285	Trust: 2.7
db:	JVN	id:	JVNVU99796803	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-021922	Trust: 0.8
db:	VULMON	id:	CVE-2023-32285	Trust: 0.1

sources: VULMON: CVE-2023-32285 // JVNDB: JVNDB-2023-021922 // NVD: CVE-2023-32285

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html	Trust: 1.9
url:	https://jvn.jp/vu/jvnvu99796803/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-32285	Trust: 0.8
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2023-32285 // JVNDB: JVNDB-2023-021922 // NVD: CVE-2023-32285

SOURCES

db:	VULMON	id:	CVE-2023-32285
db:	JVNDB	id:	JVNDB-2023-021922
db:	NVD	id:	CVE-2023-32285

LAST UPDATE DATE

2024-08-14T13:04:48.980000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2023-32285	date:	2023-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2023-021922	date:	2024-01-22T00:32:00
db:	NVD	id:	CVE-2023-32285	date:	2023-11-07T04:14:31.603

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2023-32285	date:	2023-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2023-021922	date:	2024-01-22T00:00:00
db:	NVD	id:	CVE-2023-32285	date:	2023-08-11T03:15:31.647