CVE-2022-34147

Q: What is the severity of CVE-2022-34147?

CVE-2022-34147 has a CVSS score of 7.5 (HIGH). This CVE describes an improper input validation vulnerability in BIOS firmware for specific Intel NUC devices. A privileged user with local access could exploit this to escalate privileges on the affected system. The vulnerability affects Intel NUC 9 Extreme Laptop Kits, NUC Performance Kits, NUC Performance Mini PCs, NUC 8 Compute Elements, NUC Pro Kits, NUC Pro Boards, and NUC Compute Elements.

7.5 HIGH

📋 TL;DR

This CVE describes an improper input validation vulnerability in BIOS firmware for specific Intel NUC devices. A privileged user with local access could exploit this to escalate privileges on the affected system. The vulnerability affects Intel NUC 9 Extreme Laptop Kits, NUC Performance Kits, NUC Performance Mini PCs, NUC 8 Compute Elements, NUC Pro Kits, NUC Pro Boards, and NUC Compute Elements.

💻 Affected Systems

Products:

Intel NUC 9 Extreme Laptop Kits
Intel NUC Performance Kits
Intel NUC Performance Mini PC
Intel NUC 8 Compute Element
Intel NUC Pro Kit
Intel NUC Pro Board
Intel NUC Compute Element

Versions: Specific BIOS versions before the fix; check Intel advisory for exact versions

Operating Systems: All operating systems running on affected hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in BIOS firmware, so all operating systems are affected when running on vulnerable hardware.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

A privileged attacker could gain full system control, potentially compromising the BIOS firmware itself, leading to persistent malware installation or complete system takeover.

🟠

Likely Case

A malicious insider or compromised privileged account could elevate privileges to gain unauthorized access to sensitive system resources or data.

🟢

If Mitigated

With proper access controls limiting local administrative privileges and BIOS password protection, the attack surface is significantly reduced.

🌐 Internet-Facing: LOW - This vulnerability requires local access to exploit, making direct internet-facing exploitation unlikely.

🏢 Internal Only: HIGH - This poses significant risk in internal environments where privileged users could exploit it for privilege escalation attacks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires privileged local access and BIOS-level manipulation knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BIOS updates specified in Intel advisory SA-00777

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html

Restart Required: Yes

Instructions:

1. Download the latest BIOS update from Intel's support site for your specific NUC model. 2. Follow Intel's BIOS update instructions for your device. 3. Reboot the system to apply the BIOS update.

🔧 Temporary Workarounds

Restrict Local Administrative Access

all

Limit the number of users with local administrative privileges to reduce attack surface.

Enable BIOS Password Protection

all

Set BIOS administrator password to prevent unauthorized BIOS modifications.

🧯 If You Can't Patch

Implement strict access controls to limit who has local administrative privileges on affected systems.
Physically secure affected devices to prevent unauthorized local access.

🔍 How to Verify

Check if Vulnerable:

Check BIOS version in system settings or using Intel's System Support Utility, then compare against patched versions in Intel advisory SA-00777.

Check Version:

On Windows: wmic bios get smbiosbiosversion. On Linux: sudo dmidecode -s bios-version.

Verify Fix Applied:

Verify BIOS version has been updated to the patched version specified in Intel's advisory.

📡 Detection & Monitoring

Log Indicators:

Unusual BIOS modification attempts
Failed BIOS update attempts
Multiple privilege escalation attempts from same user

Network Indicators:

No network indicators - this is a local privilege escalation vulnerability

SIEM Query:

Look for events related to BIOS modifications or privilege escalation from administrative accounts.

📊 Metadata

CVE ID: CVE-2022-34147

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-20

Published: May 10, 2023

Last Updated: November 21, 2024

🔗 References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00777.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Cm8ccb4r Firmware by Intel

Cm8i3cb4n Firmware by Intel

Cm8i5cb8n Firmware by Intel

Cm8i7cb8n Firmware by Intel

Cm8pcb4r Firmware by Intel

Lapqc71a Firmware by Intel

Lapqc71b Firmware by Intel

Lapqc71c Firmware by Intel

Lapqc71d Firmware by Intel

Nuc10i3fnh Firmware by Intel

Nuc10i3fnhf Firmware by Intel

Nuc10i3fnhfa Firmware by Intel

Nuc10i3fnhja Firmware by Intel

Nuc10i3fnhn Firmware by Intel

Nuc10i3fnk Firmware by Intel

Nuc10i3fnkn Firmware by Intel

Nuc10i5fnh Firmware by Intel

Nuc10i5fnhca Firmware by Intel

Nuc10i5fnhf Firmware by Intel

Nuc10i5fnhj Firmware by Intel

Nuc10i5fnhja Firmware by Intel

Nuc10i5fnhn Firmware by Intel

Nuc10i5fnk Firmware by Intel

Nuc10i5fnkn Firmware by Intel

Nuc10i5fnkp Firmware by Intel

Nuc10i5fnkpa Firmware by Intel

Nuc10i7fnh Firmware by Intel

Nuc10i7fnhaa Firmware by Intel

Nuc10i7fnhc Firmware by Intel

Nuc10i7fnhja Firmware by Intel

Nuc10i7fnhn Firmware by Intel

Nuc10i7fnk Firmware by Intel

Nuc10i7fnkn Firmware by Intel

Nuc10i7fnkp Firmware by Intel

Nuc10i7fnkpa Firmware by Intel

Nuc8i3pnb Firmware by Intel

Nuc8i3pnh Firmware by Intel

Nuc8i3pnk Firmware by Intel

Nuc9i5qn Firmware by Intel

Nuc9i7qn Firmware by Intel

Nuc9i9qn Firmware by Intel