7.5
CVE-2022-29510
- EPSS 0.09%
- Published 14.11.2023 19:15:11
- Last modified 21.11.2024 06:59:13
- Source secure@intel.com
- Teams watchlist Login
- Open Login
Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access.
Data is provided by the National Vulnerability Database (NVD)
Intel ≫ Compute Module Hns2600bp Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpb Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpb24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpb24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblc24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpblcr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpbr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpbrct Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpq24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpqr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpr Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps24 Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bps24r Firmware Version < 02.01.0015
Intel ≫ Compute Module Hns2600bpsr Firmware Version < 02.01.0015
Intel ≫ Server Board M10jnp2sb Firmware Version < 7.219
Intel ≫ Server Board M20ntp2sb Firmware Version < 0022.d02
Intel ≫ Server Board M70klp2sb Firmware Version < 01.04.0029
Intel ≫ Server Board S2600bpb Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpbr Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpq Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpqr Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bps Firmware Version < 02.01.0015
Intel ≫ Server Board S2600bpsr Firmware Version < 02.01.0015
Intel ≫ Server System M20ntp1ur304 Firmware Version < 0022.d02
Intel ≫ Server System M70klp4s2uhh Firmware Version < 01.04.0029
Intel ≫ Server System Mcb2208wfaf5 Firmware Version < 02.01.0015
Intel ≫ Server System Vrn2224bpaf6 Firmware Version < 02.01.0015
Intel ≫ Server System Vrn2224bphy6 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bpaf1 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bpaf2 Firmware Version < 02.01.0015
Intel ≫ Server System Zsb2224bphy1 Firmware Version < 02.01.0015
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.256 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| secure@intel.com | 7.5 | 0.8 | 6 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-92 DEPRECATED: Improper Sanitization of Custom Special Characters
This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.