CVE-2022-38101

Summary

Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) NUC Chaco Canyon BIOS update softwarebefore version iFlashV Windows 5.13.00.2105affected

Weaknesses

  • escalation of privilege
  • CWE-427: Uncontrolled search path

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References