Lucene search

IntelCVE-2022-34657

HistoryAug 11, 2023 - 3:15 a.m.

CVE-2022-34657

2023-08-1103:15:12

CWE-20

intel

web.nvd.nist.gov

cve-2022-34657

intel pcsd bios

input validation

privilege escalation

firmware vulnerability

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Improper input validation in firmware for some Intel® PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

Affected configurations

Nvd

Vulners

Node

intelr1208wfqysrMatch-

intelr1208wftysMatch-

intelr1208wftysrMatch-

intelr1304wf0ysMatch-

intelr1304wf0ysrMatch-

intelr1304wftysMatch-

intelr1304wftysrMatch-

intelr2208wf0zsMatch-

intelr2208wf0zsrMatch-

intelr2208wfqzsMatch-

intelr2208wfqzsrMatch-

intelr2208wftzsMatch-

intelr2208wftzsrMatch-

intelr2224wfqzsMatch-

intelr2224wftzsMatch-

intelr2224wftzsrMatch-

intelr2308wftzsMatch-

intelr2308wftzsrMatch-

intelr2312wf0npMatch-

intelr2312wf0nprMatch-

intelr2312wfqzsMatch-

intelr2312wftzsMatch-

intelr2312wftzsrMatch-

intels2600wf0Match-

intels2600wf0rMatch-

intels2600wfqMatch-

intels2600wfqrMatch-

intels2600wftMatch-

intels2600wftfMatch-

intels2600wftrMatch-

AND

intelpcsd_biosRange<02.01.0013

VendorProductVersionCPE
intelr1208wfqysr-cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*
intelr1208wftys-cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*
intelr1208wftysr-cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*
intelr1304wf0ys-cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*
intelr1304wf0ysr-cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*
intelr1304wftys-cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*
intelr1304wftysr-cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*
intelr2208wf0zs-cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*
intelr2208wf0zsr-cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*
intelr2208wfqzs-cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	r1208wfqysr	-	cpe:2.3:h:intel:r1208wfqysr:-:::::::*
intel	r1208wftys	-	cpe:2.3:h:intel:r1208wftys:-:::::::*
intel	r1208wftysr	-	cpe:2.3:h:intel:r1208wftysr:-:::::::*
intel	r1304wf0ys	-	cpe:2.3:h:intel:r1304wf0ys:-:::::::*
intel	r1304wf0ysr	-	cpe:2.3:h:intel:r1304wf0ysr:-:::::::*
intel	r1304wftys	-	cpe:2.3:h:intel:r1304wftys:-:::::::*
intel	r1304wftysr	-	cpe:2.3:h:intel:r1304wftysr:-:::::::*
intel	r2208wf0zs	-	cpe:2.3:h:intel:r2208wf0zs:-:::::::*
intel	r2208wf0zsr	-	cpe:2.3:h:intel:r2208wf0zsr:-:::::::*
intel	r2208wfqzs	-	cpe:2.3:h:intel:r2208wfqzs:-:::::::*

Rows per page:

1-10 of 311

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) PCSD BIOS",
    "versions": [
      {
        "version": "before version 02.01.0013",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2022-34657