A potential security vulnerability in some Intel® Atom® and Intel® Xeon® Scalable Processors may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2022-21216
Description: Insufficient granularity of access control in out-of-band management in some Intel® Atom® and Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L
Product Collection
|
Vertical Segment
|
CPU ID
—|—|—
3rd Generation Intel® Xeon® Scalable Processors
|
Server
|
606A6
Intel Atom® P59xx Processors
|
Edge & Network
|
80664, 80665
Intel Atom® P53xx Processors
|
Edge & Network
|
80664, 80665
Intel Atom® C53xx Processors
|
Edge & Network
|
80667
Intel recommends that users of Intel® 3rd Generation Intel® Xeon® Scalable Processors and Intel® Atom update to the latest version provided by the system manufacturer that addresses these issues.
The following issue was found internally by Intel. Intel would like to thank Erik C. Bjorge, DCG Red Team.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.