CVE-2023-34438

7.8

HIGH

Intel NUC BIOS Firmware Privilege Escalation

Description

Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

INFO

Published Date :

Aug. 11, 2023, 3:15 a.m.

Last Modified :

Nov. 21, 2024, 8:07 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

6.0

Exploitability Score :

1.1

Affected Products

The following products are affected by CVE-2023-34438 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Intel	nuc_kit_nuc6cays_firmware
2	Intel	nuc_kit_nuc6cayh_firmware
3	Intel	nuc_rugged_kit_nuc8cchb_firmware
4	Intel	nuc_rugged_kit_nuc8cchbn_firmware
5	Intel	nuc_rugged_kit_nuc8cchkrn_firmware
6	Intel	nuc_rugged_kit_nuc8cchkr_firmware
7	Intel	nuc_mini_pc_nuc7i3bnhxf_firmware
8	Intel	nuc_mini_pc_nuc7i3bnk_firmware
9	Intel	nuc_mini_pc_nuc7i3bnh_firmware
10	Intel	nuc_mini_pc_nuc7i3bnb_firmware
11	Intel	nuc_mini_pc_nuc7i5bnhx1_firmware
12	Intel	nuc_mini_pc_nuc7i5bnh_firmware
13	Intel	nuc_mini_pc_nuc7i5bnk_firmware
14	Intel	nuc_mini_pc_nuc7i5bnhxf_firmware
15	Intel	nuc_mini_pc_nuc7i5bnkp_firmware
16	Intel	nuc_mini_pc_nuc7i5bnb_firmware
17	Intel	nuc_mini_pc_nuc7i7bnh_firmware
18	Intel	nuc_mini_pc_nuc7i7bnhx1_firmware
19	Intel	nuc_mini_pc_nuc7i7bnhxg_firmware
20	Intel	nuc_mini_pc_nuc7i3bnhx1_firmware
21	Intel	nuc_mini_pc_nuc7i7bnkq_firmware
22	Intel	nuc_mini_pc_nuc7i7bnb_firmware
23	Intel	nuc_kit_nuc7i3bnhxf_firmware
24	Intel	nuc_kit_nuc7i3bnk_firmware
25	Intel	nuc_kit_nuc7i3bnh_firmware
26	Intel	nuc_kit_nuc7i3bnb_firmware
27	Intel	nuc_kit_nuc7i5bnhx1_firmware
28	Intel	nuc_kit_nuc7i5bnh_firmware
29	Intel	nuc_kit_nuc7i5bnk_firmware
30	Intel	nuc_kit_nuc7i5bnhxf_firmware
31	Intel	nuc_kit_nuc7i5bnkp_firmware
32	Intel	nuc_kit_nuc7i5bnb_firmware
33	Intel	nuc_kit_nuc7i7bnh_firmware
34	Intel	nuc_kit_nuc7i7bnhx1_firmware
35	Intel	nuc_kit_nuc7i7bnhxg_firmware
36	Intel	nuc_kit_nuc7i3bnhx1_firmware
37	Intel	nuc_kit_nuc7i7bnkq_firmware
38	Intel	nuc_kit_nuc7i7bnb_firmware
39	Intel	nuc_enthusiast_nuc7i3bnhxf_firmware
40	Intel	nuc_enthusiast_nuc7i3bnk_firmware
41	Intel	nuc_enthusiast_nuc7i3bnh_firmware
42	Intel	nuc_enthusiast_nuc7i3bnb_firmware
43	Intel	nuc_enthusiast_nuc7i5bnhx1_firmware
44	Intel	nuc_enthusiast_nuc7i5bnh_firmware
45	Intel	nuc_enthusiast_nuc7i5bnk_firmware
46	Intel	nuc_enthusiast_nuc7i5bnhxf_firmware
47	Intel	nuc_enthusiast_nuc7i5bnkp_firmware
48	Intel	nuc_enthusiast_nuc7i5bnb_firmware
49	Intel	nuc_enthusiast_nuc7i7bnh_firmware
50	Intel	nuc_enthusiast_nuc7i7bnhx1_firmware
51	Intel	nuc_enthusiast_nuc7i7bnhxg_firmware
52	Intel	nuc_enthusiast_nuc7i3bnhx1_firmware
53	Intel	nuc_enthusiast_nuc7i7bnkq_firmware
54	Intel	nuc_enthusiast_nuc7i7bnb_firmware
55	Intel	nuc_board_nuc7i3bnhxf_firmware
56	Intel	nuc_board_nuc7i3bnk_firmware
57	Intel	nuc_board_nuc7i3bnh_firmware
58	Intel	nuc_board_nuc7i3bnb_firmware
59	Intel	nuc_board_nuc7i5bnhx1_firmware
60	Intel	nuc_board_nuc7i5bnh_firmware
61	Intel	nuc_board_nuc7i5bnk_firmware
62	Intel	nuc_board_nuc7i5bnhxf_firmware
63	Intel	nuc_board_nuc7i5bnkp_firmware
64	Intel	nuc_board_nuc7i5bnb_firmware
65	Intel	nuc_board_nuc7i7bnh_firmware
66	Intel	nuc_board_nuc7i7bnhx1_firmware
67	Intel	nuc_board_nuc7i7bnhxg_firmware
68	Intel	nuc_board_nuc7i3bnhx1_firmware
69	Intel	nuc_board_nuc7i7bnkq_firmware
70	Intel	nuc_board_nuc7i7bnb_firmware
71	Intel	compute_element_stk2mv64cc_firmware
72	Intel	nuc_kit_nuc6cays
73	Intel	nuc_kit_nuc7i7bnh
74	Intel	nuc_kit_nuc7i5bnk
75	Intel	nuc_kit_nuc7i3bnh
76	Intel	nuc_kit_nuc7i5bnh
77	Intel	nuc_kit_nuc7i3bnk
78	Intel	nuc_kit_nuc7i7bnhx1
79	Intel	nuc_kit_nuc7i5bnhx1
80	Intel	nuc_kit_nuc7i3bnhx1
81	Intel	nuc_kit_nuc6cayh
82	Intel	nuc_board_nuc7i3bnb
83	Intel	nuc_board_nuc7i7bnb
84	Intel	nuc_board_nuc7i5bnb
85	Intel	nuc_rugged_kit_nuc8cchb
86	Intel	nuc_rugged_kit_nuc8cchbn
87	Intel	nuc_rugged_kit_nuc8cchkrn
88	Intel	nuc_rugged_kit_nuc8cchkr
89	Intel	nuc_mini_pc_nuc7i3bnhxf
90	Intel	nuc_mini_pc_nuc7i3bnk
91	Intel	nuc_mini_pc_nuc7i3bnh
92	Intel	nuc_mini_pc_nuc7i3bnb
93	Intel	nuc_mini_pc_nuc7i5bnhx1
94	Intel	nuc_mini_pc_nuc7i5bnh
95	Intel	nuc_mini_pc_nuc7i5bnk
96	Intel	nuc_mini_pc_nuc7i5bnhxf
97	Intel	nuc_mini_pc_nuc7i5bnkp
98	Intel	nuc_mini_pc_nuc7i5bnb
99	Intel	nuc_mini_pc_nuc7i7bnh
100	Intel	nuc_mini_pc_nuc7i7bnhx1
101	Intel	nuc_mini_pc_nuc7i7bnhxg
102	Intel	nuc_mini_pc_nuc7i3bnhx1
103	Intel	nuc_mini_pc_nuc7i7bnkq
104	Intel	nuc_mini_pc_nuc7i7bnb
105	Intel	nuc_kit_nuc7i3bnhxf
106	Intel	nuc_kit_nuc7i3bnb
107	Intel	nuc_kit_nuc7i5bnhxf
108	Intel	nuc_kit_nuc7i5bnkp
109	Intel	nuc_kit_nuc7i5bnb
110	Intel	nuc_kit_nuc7i7bnhxg
111	Intel	nuc_kit_nuc7i7bnkq
112	Intel	nuc_kit_nuc7i7bnb
113	Intel	nuc_enthusiast_nuc7i3bnhxf
114	Intel	nuc_enthusiast_nuc7i3bnk
115	Intel	nuc_enthusiast_nuc7i3bnh
116	Intel	nuc_enthusiast_nuc7i3bnb
117	Intel	nuc_enthusiast_nuc7i5bnhx1
118	Intel	nuc_enthusiast_nuc7i5bnh
119	Intel	nuc_enthusiast_nuc7i5bnk
120	Intel	nuc_enthusiast_nuc7i5bnhxf
121	Intel	nuc_enthusiast_nuc7i5bnkp
122	Intel	nuc_enthusiast_nuc7i5bnb
123	Intel	nuc_enthusiast_nuc7i7bnh
124	Intel	nuc_enthusiast_nuc7i7bnhx1
125	Intel	nuc_enthusiast_nuc7i7bnhxg
126	Intel	nuc_enthusiast_nuc7i3bnhx1
127	Intel	nuc_enthusiast_nuc7i7bnkq
128	Intel	nuc_enthusiast_nuc7i7bnb
129	Intel	nuc_board_nuc7i3bnhxf
130	Intel	nuc_board_nuc7i3bnk
131	Intel	nuc_board_nuc7i3bnh
132	Intel	nuc_board_nuc7i5bnhx1
133	Intel	nuc_board_nuc7i5bnh
134	Intel	nuc_board_nuc7i5bnk
135	Intel	nuc_board_nuc7i5bnhxf
136	Intel	nuc_board_nuc7i5bnkp
137	Intel	nuc_board_nuc7i7bnh
138	Intel	nuc_board_nuc7i7bnhx1
139	Intel	nuc_board_nuc7i7bnhxg
140	Intel	nuc_board_nuc7i3bnhx1
141	Intel	nuc_board_nuc7i7bnkq
142	Intel	compute_element_stk2mv64cc

: Total Affected Vendor : 1 | Products : 142

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-34438.

URL	Resource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html	Patch Vendor Advisory
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html	Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-34438 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-34438 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	Old Value	New Value
Added	Reference		http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Added	CWE		Intel Corporation CWE-421

Initial Analysis by [email protected]

Aug. 17, 2023

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Changed	Reference Type	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html No Types Assigned	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html Patch, Vendor Advisory
Added	CWE		NIST CWE-362
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchbn_firmware:-::::::: OR cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchbn:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkrn_firmware:-::::::: OR cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkrn:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_rugged_kit_nuc8cchkr_firmware:-::::::: OR cpe:2.3:h:intel:nuc_rugged_kit_nuc8cchkr:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc6cayh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc6cayh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc6cays_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc6cays:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i3bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i3bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i3bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i3bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i3bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i3bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i3bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i3bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnkp_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnkp:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i5bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i5bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i7bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i7bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i7bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i7bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i7bnhxg_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i7bnhxg:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i3bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i3bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i7bnkq_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i7bnkq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_mini_pc_nuc7i7bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_mini_pc_nuc7i7bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i3bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i3bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i3bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i3bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i3bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i3bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i3bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i3bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnkp_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnkp:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i5bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i5bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i7bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i7bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i7bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i7bnhxg_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i7bnhxg:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i3bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i3bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i7bnkq_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i7bnkq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_kit_nuc7i7bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_kit_nuc7i7bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i3bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i3bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i3bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i3bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i3bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i3bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i3bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i3bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnkp_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnkp:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i5bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i5bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i7bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i7bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i7bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i7bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i7bnhxg_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i7bnhxg:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i3bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i3bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i7bnkq_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i7bnkq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_enthusiast_nuc7i7bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_enthusiast_nuc7i7bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i3bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i3bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i3bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i3bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i3bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i3bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i3bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i3bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnk_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnk:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnhxf_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnhxf:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnkp_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnkp:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i5bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i5bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i7bnh_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i7bnh:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i7bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i7bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i7bnhxg_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i7bnhxg:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i3bnhx1_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i3bnhx1:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i7bnkq_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i7bnkq:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:nuc_board_nuc7i7bnb_firmware:-::::::: OR cpe:2.3:h:intel:nuc_board_nuc7i7bnb:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:intel:compute_element_stk2mv64cc_firmware:-::::::: OR cpe:2.3:h:intel:compute_element_stk2mv64cc:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-34438 is associated with the following CWEs:

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-421: Race Condition During Access to Alternate Channel

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-34438 weaknesses.

CAPEC-26: Leveraging Race Conditions Leveraging Race Conditions CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

CVE-2023-34438

Intel NUC BIOS Firmware Privilege Escalation

Description

INFO

Aug. 11, 2023, 3:15 a.m.

Nov. 21, 2024, 8:07 a.m.

[email protected]

No

6.0

1.1

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.04 }} 0.00%

0.06979

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable