CVE & CISA-KEV Catalog

CVE-2022-21237

MEDIUM
6.7
CVSS v3
NVD

Description

Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

How to fix

Remediation Available
lapbc510 firmwareNVD
Affected:< bctgl357.0065Fixed in:bctgl357.0065CVE-2022-21237derived from NVD
lapbc710 firmwareNVD
Affected:< bctgl357.0065Fixed in:bctgl357.0065CVE-2022-21237derived from NVD
lapkc51e firmwareNVD
Affected:< kctgl357.0040Fixed in:kctgl357.0040CVE-2022-21237derived from NVD
lapkc71e firmwareNVD
Affected:< kctgl357.0040Fixed in:kctgl357.0040CVE-2022-21237derived from NVD
lapkc71f firmwareNVD
Affected:< kctgl357.0040Fixed in:kctgl357.0040CVE-2022-21237derived from NVD
nuc11btmi7 firmwareNVD
Affected:< dbtgl579.0055Fixed in:dbtgl579.0055CVE-2022-21237derived from NVD
nuc11btmi9 firmwareNVD
Affected:< dbtgl579.0055Fixed in:dbtgl579.0055CVE-2022-21237derived from NVD
nuc11dbbi7 firmwareNVD
Affected:< dbtgl579.0055Fixed in:dbtgl579.0055CVE-2022-21237derived from NVD
nuc11dbbi9 firmwareNVD
Affected:< dbtgl579.0055Fixed in:dbtgl579.0055CVE-2022-21237derived from NVD
nuc11pa firmwareNVD
Affected:< patgl357.0042Fixed in:patgl357.0042CVE-2022-21237derived from NVD
nuc11pah firmwareNVD
Affected:< patgl357.0042Fixed in:patgl357.0042CVE-2022-21237derived from NVD
nuc11paq firmwareNVD
Affected:< patgl357.0042Fixed in:patgl357.0042CVE-2022-21237derived from NVD
nuc8i3cysm firmwareNVD
Affected:< cycnli35.86a.0050Fixed in:cycnli35.86a.0050CVE-2022-21237derived from NVD
nuc8i3cysn firmwareNVD
Affected:< cycnli35.86a.0050Fixed in:cycnli35.86a.0050CVE-2022-21237derived from NVD
nuc9i5qn firmwareNVD
Affected:< qxcfl579.0064Fixed in:qxcfl579.0064CVE-2022-21237derived from NVD
nuc9i7qn firmwareNVD
Affected:< qxcfl579.0064Fixed in:qxcfl579.0064CVE-2022-21237derived from NVD
nuc9i9qn firmwareNVD
Affected:< qxcfl579.0064Fixed in:qxcfl579.0064CVE-2022-21237derived from NVD
nuc 11 compute element cm11ebc4w firmwareNVD
Affected:< ebtgl357.0057Fixed in:ebtgl357.0057CVE-2022-21237derived from NVD
nuc 11 compute element cm11ebi38w firmwareNVD
Affected:< ebtgl357.0057Fixed in:ebtgl357.0057CVE-2022-21237derived from NVD
nuc 11 compute element cm11ebi58w firmwareNVD
Affected:< ebtgl357.0057Fixed in:ebtgl357.0057CVE-2022-21237derived from NVD
nuc 11 compute element cm11ebi716w firmwareNVD
Affected:< ebtgl357.0057Fixed in:ebtgl357.0057CVE-2022-21237derived from NVD
nuc 11 enthusiast kit nuc11phki7c firmwareNVD
Affected:< phtgl579.0064Fixed in:phtgl579.0064CVE-2022-21237derived from NVD
nuc 11 enthusiast mini pc nuc11phki7caa firmwareNVD
Affected:< phtgl579.0064Fixed in:phtgl579.0064CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi30z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi3 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi50z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi5 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi70z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro board nuc11tnbi7 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi30l firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi30p firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi30z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi3 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi50l firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi50w firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi50z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi5 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi70l firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi70q firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi70z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnhi7 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki30z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki3 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki50z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki5 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki70z firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 11 pro kit nuc11tnki7 firmwareNVD
Affected:< tntgl357.0059Fixed in:tntgl357.0059CVE-2022-21237derived from NVD
nuc 8 compute element cm8ccb firmwareNVD
Affected:< cbwhl.0095Fixed in:cbwhl.0095CVE-2022-21237derived from NVD
nuc 8 compute element cm8i3cb firmwareNVD
Affected:< cbwhl.0095Fixed in:cbwhl.0095CVE-2022-21237derived from NVD
nuc 8 compute element cm8i5cb firmwareNVD
Affected:< cbwhl.0095Fixed in:cbwhl.0095CVE-2022-21237derived from NVD
nuc 8 compute element cm8i7cb firmwareNVD
Affected:< cbwhl.0095Fixed in:cbwhl.0095CVE-2022-21237derived from NVD
nuc 8 compute element cm8pcb firmwareNVD
Affected:< cbwhl.0095Fixed in:cbwhl.0095CVE-2022-21237derived from NVD
nuc 9 pro compute element nuc9v7qnb firmwareNVD
Affected:< qncflx70.0064Fixed in:qncflx70.0064CVE-2022-21237derived from NVD
nuc 9 pro compute element nuc9vxqnb firmwareNVD
Affected:< qncflx70.0064Fixed in:qncflx70.0064CVE-2022-21237derived from NVD
nuc 9 pro kit nuc9v7qnx firmwareNVD
Affected:< qncflx70.0064Fixed in:qncflx70.0064CVE-2022-21237derived from NVD
nuc 9 pro kit nuc9vxqnx firmwareNVD
Affected:< qncflx70.0064Fixed in:qncflx70.0064CVE-2022-21237derived from NVD
nuc kit nuc8i3b firmwareNVD
Affected:< becfl357.0089Fixed in:becfl357.0089CVE-2022-21237derived from NVD
nuc kit nuc8i5be firmwareNVD
Affected:< becfl357.0089Fixed in:becfl357.0089CVE-2022-21237derived from NVD
nuc kit nuc8i7be firmwareNVD
Affected:< becfl357.0089Fixed in:becfl357.0089CVE-2022-21237derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.23%probability of exploitation in 30 days
13thpercentile

Low risk: more likely to be exploited than 13% of all known CVEs.

References

Patch1

Related Vulnerabilities

Other CWE-119 (Buffer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-4966Critical9.4100%KEV + RansomFix
CVE-2017-11882High7.8100%KEV + Ransom-
CVE-2020-0796Critical10.0100%KEV + Ransom-
CVE-2008-4250Critical9.899%KEV-
CVE-2017-15944Critical9.898%KEVFix
CVE-2015-0014High10.097%--
Embed a live status badge for CVE-2022-21237
CVE-2022-21237 severity badge

Markdown

[![CVE-2022-21237](https://tridentstack.com/cve/badge/CVE-2022-21237.svg)](https://tridentstack.com/cve/CVE-2022-21237)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-21237"><img src="https://tridentstack.com/cve/badge/CVE-2022-21237.svg" alt="CVE-2022-21237"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-05-05.