April 26, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Cisco EPNM and Prime Infrastructure Vulnerabilities
January 11, 2024Rewterz Threat Update – Pro-Ukraine Hacktivists Breach Russian ISP as Revenge for KyivStar Attack
January 11, 2024Rewterz Threat Advisory – Multiple Cisco EPNM and Prime Infrastructure Vulnerabilities
January 11, 2024Rewterz Threat Update – Pro-Ukraine Hacktivists Breach Russian ISP as Revenge for KyivStar Attack
January 11, 2024
Severity
High
Analysis Summary
CVE-2023-28722, CVE-2023-29495, CVE-2023-28743, CVE-2023-28738
Intel NUC BIOS could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper validation of user-supplied input. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-28722
- CVE-2023-29495
- CVE-2023-28743
- CVE-2023-28738
Affected Vendors
Intel
Affected Products
- Intel NUC 7 Essential NUC7CJYSAMN
- Intel NUC 7 Essential PC NUC7CJYSAL
- Intel NUC 8 Mainstream-G kit NUC8i5INH
- Intel NUC 8 Mainstream-G kit NUC8i7INH
- Intel NUC NUC7CJYH
- Intel NUC NUC7PJYH
- Intel NUC NUC9V7QNB
- Intel NUC NUC9V7QNX
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.