CVE-2023-38587

HIGH

Intel NUC BIOS - Privilege Escalation

Title source: llm
STIX 2.1

Description

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0005
EPSS Percentile 16.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20
Status published
Products (13)
intel/nuc_8_enthusiast_nuc8i7behga_firmware becfl357.0095
intel/nuc_8_enthusiast_nuc8i7bekqa_firmware becfl357.0095
intel/nuc_8_home_nuc8i3behfa_firmware becfl357.0095
intel/nuc_8_home_nuc8i5behfa_firmware becfl357.0095
intel/nuc_8_home_nuc8i5bekpa_firmware becfl357.0095
intel/nuc_kit_nuc8i3beh_firmware becfl357.0095
intel/nuc_kit_nuc8i3behs_firmware becfl357.0095
intel/nuc_kit_nuc8i3bek_firmware becfl357.0095
intel/nuc_kit_nuc8i5beh_firmware becfl357.0095
intel/nuc_kit_nuc8i5behs_firmware becfl357.0095
... and 3 more
Published Jan 19, 2024
Tracked Since Feb 18, 2026