CVE-2022-33945

EPSS 0.07%
Published 14.11.2023 19:15:11
Last modified 21.11.2024 07:08:39
Source secure@intel.com
Teams watchlist Login
Open Login

Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Server Board M70klp2sb Firmware Version < 01.04.0022

Intel ≫ Server Board M70klp2sb Version-

Intel ≫ Server System M70klp4s2uhh Firmware Version < 01.04.0022

Intel ≫ Server System M70klp4s2uhh Version-

Intel ≫ Server Board M20ntp2sb Firmware Version < 0022.d02

Intel ≫ Server Board M20ntp2sb Version-

Intel ≫ Server System M20ntp1ur304 Firmware Version < 0022.d02

Intel ≫ Server System M20ntp1ur304 Version-

Intel ≫ Server Board M10jnp2sb Firmware Version < 7.219

Intel ≫ Server Board M10jnp2sb Version-

Intel ≫ Server Board S2600bpbr Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bpbr Version-

Intel ≫ Server Board S2600bps Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bps Version-

Intel ≫ Server Board S2600bpsr Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bpsr Version-

Intel ≫ Server Board S2600bpqr Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bpqr Version-

Intel ≫ Server Board S2600bpb Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bpb Version-

Intel ≫ Server Board S2600bpq Firmware Version < 02.01.0015

Intel ≫ Server Board S2600bpq Version-

Intel ≫ Compute Module Hns2600bpblcr Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpblcr Version-

Intel ≫ Compute Module Hns2600bpblc Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpblc Version-

Intel ≫ Compute Module Hns2600bpblc24r Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpblc24r Version-

Intel ≫ Compute Module Hns2600bps Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bps Version-

Intel ≫ Compute Module Hns2600bps24 Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bps24 Version-

Intel ≫ Compute Module Hns2600bpbr Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpbr Version-

Intel ≫ Compute Module Hns2600bpqr Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpqr Version-

Intel ≫ Compute Module Hns2600bpsr Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpsr Version-

Intel ≫ Compute Module Hns2600bps24r Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bps24r Version-

Intel ≫ Compute Module Hns2600bpq24r Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpq24r Version-

Intel ≫ Compute Module Hns2600bpb24 Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpb24 Version-

Intel ≫ Compute Module Hns2600bpb Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpb Version-

Intel ≫ Compute Module Hns2600bpblc24 Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpblc24 Version-

Intel ≫ Compute Module Hns2600bpq Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpq Version-

Intel ≫ Compute Module Hns2600bpq24 Firmware Version < 02.01.0015

Intel ≫ Compute Module Hns2600bpq24 Version-

Intel ≫ Compute Module Liquid-cooled Hns2600bpbrct Firmware Version < 02.01.0015

Intel ≫ Compute Module Liquid-cooled Hns2600bpbrct Version-

Intel ≫ Server System Vrn2224bpaf6 Firmware Version < 02.01.0015

Intel ≫ Server System Vrn2224bpaf6 Version-

Intel ≫ Server System Vrn2224bphy6 Firmware Version < 02.01.0015

Intel ≫ Server System Vrn2224bphy6 Version-

Intel ≫ Server System Mcb2208wfaf5 Firmware Version < 02.01.0015

Intel ≫ Server System Mcb2208wfaf5 Version-

Intel ≫ Server System Zsb2224bpaf2 Firmware Version < 02.01.0015

Intel ≫ Server System Zsb2224bpaf2 Version-

Intel ≫ Server System Zsb2224bphy1 Firmware Version < 02.01.0015

Intel ≫ Server System Zsb2224bphy1 Version-

Intel ≫ Server System Zsb2224bpaf1 Firmware Version < 02.01.0015

Intel ≫ Server System Zsb2224bpaf1 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.174

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
secure@intel.com	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-33945

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-33945

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-33945

EUVD