7.2

CVE-2022-38102

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelConverged Security Management Engine Firmware Version < 16.1.27
   IntelB660 Version-
   IntelH610 Version-
   IntelH610e Version-
   IntelH670 Version-
   IntelHm670 Version-
   IntelQ670 Version-
   IntelQ670e Version-
   IntelR680e Version-
   IntelW680 Version-
   IntelWm690 Version-
   IntelZ690 Version-
IntelConverged Security Management Engine Firmware Version < 15.0.45
   IntelAtom X6200fe Version-
   IntelAtom X6211e Version-
   IntelAtom X6212re Version-
   IntelAtom X6214re Version-
   IntelAtom X6413e Version-
   IntelAtom X6414re Version-
   IntelAtom X6416re Version-
   IntelAtom X6425e Version-
   IntelAtom X6425re Version-
   IntelAtom X6427fe Version-
   IntelB560 Version-
   IntelC252 Version-
   IntelC256 Version-
   IntelCeleron J1750 Version-
   IntelCeleron J1800 Version-
   IntelCeleron J1850 Version-
   IntelCeleron J1900 Version-
   IntelCeleron J3060 Version-
   IntelCeleron J3160 Version-
   IntelCeleron J3355 Version-
   IntelCeleron J3355e Version-
   IntelCeleron J3455 Version-
   IntelCeleron J3455e Version-
   IntelCeleron J4005 Version-
   IntelCeleron J4025 Version-
   IntelCeleron J4105 Version-
   IntelCeleron J4125 Version-
   IntelCeleron J6412 Version-
   IntelCeleron J6413 Version-
   IntelCeleron N2805 Version-
   IntelCeleron N2806 Version-
   IntelCeleron N2807 Version-
   IntelCeleron N2808 Version-
   IntelCeleron N2810 Version-
   IntelCeleron N2815 Version-
   IntelCeleron N2820 Version-
   IntelCeleron N2830 Version-
   IntelCeleron N2840 Version-
   IntelCeleron N2910 Version-
   IntelCeleron N2920 Version-
   IntelCeleron N2930 Version-
   IntelCeleron N2940 Version-
   IntelCeleron N3000 Version-
   IntelCeleron N3010 Version-
   IntelCeleron N3050 Version-
   IntelCeleron N3060 Version-
   IntelCeleron N3150 Version-
   IntelCeleron N3160 Version-
   IntelCeleron N3350 Version-
   IntelCeleron N3350e Version-
   IntelCeleron N3450 Version-
   IntelCeleron N4000 Version-
   IntelCeleron N4020 Version-
   IntelCeleron N4100 Version-
   IntelCeleron N4120 Version-
   IntelCeleron N4500 Version-
   IntelCeleron N4505 Version-
   IntelCeleron N5100 Version-
   IntelCeleron N5105 Version-
   IntelCeleron N6210 Version-
   IntelCeleron N6211 Version-
   IntelH510 Version-
   IntelH570 Version-
   IntelHm570 Version-
   IntelHm570e Version-
   IntelPentium J2850 Version-
   IntelPentium J2900 Version-
   IntelPentium J3710 Version-
   IntelPentium J4205 Version-
   IntelPentium J6426 Version-
   IntelPentium N3510 Version-
   IntelPentium N3520 Version-
   IntelPentium N3530 Version-
   IntelPentium N3540 Version-
   IntelPentium N3700 Version-
   IntelPentium N3710 Version-
   IntelPentium N4200 Version-
   IntelPentium N4200e Version-
   IntelPentium N6415 Version-
   IntelQ570 Version-
   IntelQm580 Version-
   IntelQm580e Version-
   IntelRm590e Version-
   IntelW580 Version-
   IntelWm590 Version-
   IntelZ590 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.012
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.4 0.8 3.6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
secure@intel.com 7.2 0.8 5.8
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.