Potential security vulnerabilities in the BIOS firmware and Intel® Trusted Execution Technology (TXT) Secure Initialization (SINIT) Authenticated Code Modules (ACM) for some Intel® Processors may allow escalation of privilege. Intel is releasing BIOS updates to mitigate these potential vulnerabilities.
CVEID: CVE-2022-26343
Description: Improper access control in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H__
CVEID: CVE-2022-30539
Description: Use after free in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2022-32231
Description: Improper initialization in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2022-26837
Description: Improper input validation in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H__
CVEID: CVE-2022-30704
Description: Improper initialization in the Intel® TXT SINIT ACM for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.2 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N__
CVEID: CVE-2021-0187
Description: Improper access control in the BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
2nd Generation Intel® Xeon® Scalable Processors
|
Server,
Workstation
|
50656
50657
|
BF
Intel® Xeon® D processor family
|
Server
|
50654
|
B7
Intel® Xeon® Platinum P-8124, P-8136 processors
|
Server
|
50653
|
97
Intel® Xeon® Scalable processor family
|
Server
|
50654
|
B7
Intel® Xeon® D processor 1500 series
|
Server
|
50665
|
10
Intel® Xeon® D processor 1500 series
|
Server
|
50663
50664
|
10
10
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
3rd Generation Intel® Xeon ®Scalable Processor Family
|
Server
|
5065B
|
BF
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
3rd Gen Intel® Xeon® Scalable processor
|
Server
|
606A6
|
87
3rd Gen Intel® Xeon® Scalable processor
|
Server
|
5065B
|
TBD
Intel® Xeon® E processor family
|
Workstation
|
906EA
906ED
|
22
Intel® Xeon® E processor family
|
Server,
Workstation
|
906E9
|
2A
11th Gen Intel® Core™ processor
Intel® Xeon® W processor
|
Server, Workstation
|
A0671
|
02
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
3rd Gen Intel® Xeon® Scalable processor
|
Server
|
606A6
|
87
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
Intel® Xeon® Scalable Processor Family
|
Server
|
50654
|
B7
3rd Generation Intel® Xeon ®Scalable Processor Family
|
Server
|
5065B
|
BF
2nd Generation Intel® Xeon® Scalable Processors
|
Server
|
50657
|
BF
3rd Gen Intel® Xeon® Scalable processor
|
Server
|
606A6
|
87
Intel® Xeon® Scalable processor family
|
Server
|
50653
50654
|
97
B7
Product Collection
|
Vertical Segment
|
CPU ID
|
Platform ID
—|—|—|—
11th Generation Intel® Core Processor Family
|
Mobile
|
806D1
806C1
806C2
|
C2
80
12th Generation Intel® Core™ Processor Family
Intel® Pentium® Gold Processor Family
Intel® Celeron® Processor Family
|
Desktop
Mobile
|
90672
90675
906A3
906A4
|
01
11th Generation Intel® Core™ Processor Family
10th Generation Intel® Core™ Processor Family
Intel® Xeon® E-2300 processor family
Intel® Xeon® W processor family
|
Desktop
Server
Workstation
|
A0671
A0653
|
01
Intel recommends that users of listed Intel® Processors update to the latest versions provided by the system manufacturer that addresses these issues.
Intel would like to thank Dmitry Frolov (CVE-2022-26837), Yngweijw (Jiawei Yin) (CVE-2022-30539) for reporting these issues.
The following issues were found internally by Intel employees; CVE-2022-26343, CVE-2022-32231, CVE-2021-0187 and CVE-2022-30704.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.