Lucene search

F5F5:K000133630

HistoryApr 24, 2023 - 12:00 a.m.

K000133630 : Intel processor vulnerability CVE-2022-26343

2023-04-2400:00:00

my.f5.com

intel

vulnerability

bios firmware

privilege escalation

xeon d processor

hardware

microcode updates

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Security Advisory Description

Improper access control in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2022-26343)

Impact

This vulnerability may allow a privileged user to potentially enable escalation of privilege through local access. This hardware issue impacts all hardware products using the Intel Xeon D processor 1500 series.

All versions of BIG-IP Virtual Edition (VE) are potentially impacted if the processor underlying the BIG-IP VE installation is affected. Microcode updates from Intel are available to address this issue but must be applied at the hardware level, which is outside the scope of the ability of F5 to support or patch.

The following VELOS and BIG-IP hardware products contain the affected Intel processor:

VELOS Blade BX110
BIG-IP i2600, i2800
BIG-IP i4600, i4800
HERCULON i2600, i2800

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq14.1.2
f5 ssl orchestratoreq14.1.4
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq15.1.1
f5 ssl orchestratoreq16.1.0
f5 ssl orchestratoreq16.1.1
f5 ssl orchestratoreq16.1.3
f5 ssl orchestratoreq17.0.0
f5 ssl orchestratoreq17.1.0

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	14.1.2
f5 ssl orchestrator	eq	14.1.4
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	15.1.1
f5 ssl orchestrator	eq	16.1.0
f5 ssl orchestrator	eq	16.1.1
f5 ssl orchestrator	eq	16.1.3
f5 ssl orchestrator	eq	17.0.0
f5 ssl orchestrator	eq	17.1.0

Rows per page:

1-10 of 4371