CVE-2022-36789

Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access.

Published: Nov 11, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-36789
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
intel / nuc_10_performance_kit_nuc10i7fnhn_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnkn_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnhn_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i7fnkn_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i3fnhn_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i3fnkn_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i5fnhja_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i3fnhf_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i5fnhca_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i3fnhfa_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnhj_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i7fnhc_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i7fnhja_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i3fnhja_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i3fnk_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i7fnhaa_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnh_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnk_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i7fnh_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnhf_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i7fnkpa_firmware	-	fncml357.0053
intel / nuc_10_performance_mini_pc_nuc10i5fnkpa_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i3fnh_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i7fnk_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i7fnkp_firmware	-	fncml357.0053
intel / nuc_10_performance_kit_nuc10i5fnkp_firmware	-	fncml357.0053

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html

Vulnerability Database

308,485

CVE-2022-36789

Deep Security Visibility Without the Complexity