DEPRECATED: Improper Sanitization of Custom Special Characters

CVE-2023-28722

Medium

6.7/10

Summary

Improper buffer restrictions for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: LOW
Scope: CHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: LOW
Availability Impact: HIGH

CWE-92 - DEPRECATED: Improper Sanitization of Custom Special Characters

This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.

References

Advisory Timeline

Published Jan 19, 2024

DEPRECATED: Improper Sanitization of Custom Special Characters

CVE-2023-28722

Summary

CWE-92 - DEPRECATED: Improper Sanitization of Custom Special Characters

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS