Vulnerability Details : CVE-2023-40540
Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access.
Vulnerability category: Information leak
Products affected by CVE-2023-40540
- cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc510_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc710_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi50wa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi70qa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30p_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70q_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_enthusiast_kit_nuc11phki7c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi30z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi50z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi70z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki70z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki30z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki50z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi30z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi50z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi70z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnkv50z_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhv70l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhv50l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbv7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnkv5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnkv7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhv5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_mini_pc_nuc11tnkv5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_mini_pc_nuc11tnkv7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhv7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbv5_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc71f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc71e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_x15_laptop_kit_lapkc51e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_9_extreme_laptop_kit_lapqc71b_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_9_extreme_laptop_kit_lapqc71d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_9_extreme_laptop_kit_lapqc71c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:intel:nuc_9_extreme_laptop_kit_lapqc71a_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-40540
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-40540
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.8
|
3.6
|
NIST | |
4.1
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
0.5
|
3.6
|
Intel Corporation |
CWE ids for CVE-2023-40540
-
Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts.Assigned by: secure@intel.com (Secondary)
References for CVE-2023-40540
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html
INTEL-SA-01001Patch;Vendor Advisory
Jump to