Details of VAR-202308-2351

ID

VAR-202308-2351

CVE

CVE-2023-34086

TITLE

Vulnerabilities in multiple Intel products

Trust: 0.8

sources: JVNDB: JVNDB-2023-021668

DESCRIPTION

Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. nuc rugged kit nuc8cchb firmware, nuc rugged kit nuc8cchbn firmware, nuc rugged kit nuc8cchkrn Multiple Intel products such as firmware have unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-34086 // JVNDB: JVNDB-2023-021668 // VULMON: CVE-2023-34086

AFFECTED PRODUCTS

vendor:	intel	model:	nuc board nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc6cays	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc rugged kit nuc8cchbn	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc rugged kit nuc8cchkr	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc rugged kit nuc8cchkrn	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc rugged kit nuc8cchb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i7bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	compute element stk2mv64cc	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i5bnhx1	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnb	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnkp	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc6cayh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc mini pc nuc7i3bnhxf	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i5bnk	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i7bnkq	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc enthusiast nuc7i3bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc board nuc7i7bnhxg	scope:	eq	version:	-	Trust: 1.0
vendor:	intel	model:	nuc kit nuc7i5bnh	scope:	eq	version:	-	Trust: 1.0
vendor:	インテル	model:	nuc mini pc nuc7i5bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc rugged kit nuc8cchkr	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel nuc kit nuc6cays	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnkp	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnk	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnhxg	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc rugged kit nuc8cchbn	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc rugged kit nuc8cchkrn	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnhx1	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnhxf	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i3bnhxf	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnk	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i7bnh	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc rugged kit nuc8cchb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	nuc mini pc nuc7i5bnb	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel nuc kit nuc6cayh	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-021668 // NVD: CVE-2023-34086

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-34086
value:	MEDIUM
Trust: 1.0
secure@intel.com:	CVE-2023-34086
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-34086
value:	MEDIUM
Trust: 0.8

nvd@nist.gov:	CVE-2023-34086
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2023-34086
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2023-34086
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-021668 // NVD: CVE-2023-34086 // NVD: CVE-2023-34086

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-021668 // NVD: CVE-2023-34086

EXTERNAL IDS

db:	NVD	id:	CVE-2023-34086	Trust: 2.7
db:	JVN	id:	JVNVU99796803	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-021668	Trust: 0.8
db:	VULMON	id:	CVE-2023-34086	Trust: 0.1

sources: VULMON: CVE-2023-34086 // JVNDB: JVNDB-2023-021668 // NVD: CVE-2023-34086

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html	Trust: 1.9
url:	https://jvn.jp/vu/jvnvu99796803/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-34086	Trust: 0.8
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2023-34086 // JVNDB: JVNDB-2023-021668 // NVD: CVE-2023-34086

SOURCES

db:	VULMON	id:	CVE-2023-34086
db:	JVNDB	id:	JVNDB-2023-021668
db:	NVD	id:	CVE-2023-34086

LAST UPDATE DATE

2024-08-14T12:15:48.259000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2023-34086	date:	2023-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2023-021668	date:	2024-01-19T07:55:00
db:	NVD	id:	CVE-2023-34086	date:	2023-11-07T04:15:28.970

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2023-34086	date:	2023-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2023-021668	date:	2024-01-19T00:00:00
db:	NVD	id:	CVE-2023-34086	date:	2023-08-11T03:15:33.763