Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-27229

Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Published

2023-11-14T19:15:10.813

Last Modified

2024-11-21T06:55:27.417

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Secondary
CWE-249
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intel	hdmi_firmware	< 1.79.1.1	Yes
Hardware	intel	nuc_7_business_nuc7i3dnhnc	-	No
Hardware	intel	nuc_7_business_nuc7i3dnktc	-	No
Hardware	intel	nuc_7_business_nuc7i5dnkpc	-	No
Hardware	intel	nuc_7_business_nuc7i5dnkpu	-	No
Hardware	intel	nuc_kit_nuc7i3dnhe	-	No
Hardware	intel	nuc_kit_nuc7i3dnke	-	No
Hardware	intel	nuc_kit_nuc7i5dnhe	-	No
Hardware	intel	nuc_kit_nuc7i5dnke	-	No
Hardware	intel	nuc_kit_nuc7i7dnhe	-	No
Hardware	intel	nuc_kit_nuc7i7dnke	-	No

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html Patch, Vendor Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)