CVE-2022-37345

Vulnerability

An improper authentication vulnerability exists in the BIOS firmware of certain Intel(R) NUC Kits prior to version RY0386 [1]. The issue occurs in the firmware component responsible for verifying user identity before allowing access to privileged operations. Affected products include multiple Intel NUC models, as detailed in INTEL-SA-00752 [1].

Exploitation

An attacker must have valid local user credentials on the affected system [1]. The attack vector is local, requiring physical or remote interactive access to the machine. The exact steps involve authenticating at the OS level and then exploiting the flawed authentication mechanism in the BIOS firmware to execute privileged commands [1]. No user interaction beyond normal login is required.

Impact

Successful exploitation enables an authenticated user to escalate their privilege level, potentially gaining full control over the BIOS firmware [1]. This can lead to persistent compromise of the platform, as the attacker could modify low-level system settings or inject malicious code that persists across OS reinstalls. The impact is limited to the affected device.

Mitigation

Intel released BIOS firmware version RY0386 to address this vulnerability [1]. Users should update their Intel NUC Kit BIOS to the latest version available from Intel's support site. No workarounds have been published. The vulnerability is not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.