6

CVE-2022-34657

Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

Data is provided by the National Vulnerability Database (NVD)
IntelPcsd Bios Version < 02.01.0013
   IntelR1208wfqysr Version-
   IntelR1208wftys Version-
   IntelR1208wftysr Version-
   IntelR1304wf0ys Version-
   IntelR1304wf0ysr Version-
   IntelR1304wftys Version-
   IntelR1304wftysr Version-
   IntelR2208wf0zs Version-
   IntelR2208wf0zsr Version-
   IntelR2208wfqzs Version-
   IntelR2208wfqzsr Version-
   IntelR2208wftzs Version-
   IntelR2208wftzsr Version-
   IntelR2224wfqzs Version-
   IntelR2224wftzs Version-
   IntelR2224wftzsr Version-
   IntelR2308wftzs Version-
   IntelR2308wftzsr Version-
   IntelR2312wf0np Version-
   IntelR2312wf0npr Version-
   IntelR2312wfqzs Version-
   IntelR2312wftzs Version-
   IntelR2312wftzsr Version-
   IntelS2600wf0 Version-
   IntelS2600wf0r Version-
   IntelS2600wfq Version-
   IntelS2600wfqr Version-
   IntelS2600wft Version-
   IntelS2600wftf Version-
   IntelS2600wftr Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.051
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
secure@intel.com 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.