CVE-2022-34657

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-34657
Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

6.0 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References
Link Resource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html Vendor Advisory
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:pcsd_bios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:r1208wfqysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1208wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wf0ys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wftys:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r1304wftysr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wf0zs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2208wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2224wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2308wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wf0np:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wf0npr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wfqzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wftzs:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:r2312wftzsr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wf0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wf0r:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfq:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wfqr:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wft:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wftf:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:s2600wftr:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:09

Type Values Removed Values Added
Summary
  • (es) Una validación de entrada incorrecta en el firmware de algunas BIOS Intel(R) PCSD anteriores a la versión 02.01.0013 puede permitir a un usuario con privilegios la divulgación potencial de información mediante acceso local.
CVSS v2 : unknown
v3 : 4.4 		v2 : unknown
v3 : 6.0
References () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html - Vendor Advisory () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html - Vendor Advisory
Information

Published : 2023-08-11 03:15

Updated : 2024-11-21 07:09

NVD link : CVE-2022-34657

Mitre link : CVE-2022-34657

CVE.ORG link : CVE-2022-34657

JSON object : View

Products Affected

intel

  • r2312wftzsr
  • r2312wf0npr
  • r1304wftys
  • r2224wftzsr
  • s2600wfqr
  • r2224wfqzs
  • r2208wftzs
  • pcsd_bios
  • r2208wf0zsr
  • r1208wfqysr
  • s2600wftf
  • r2224wftzs
  • s2600wf0
  • r1304wf0ys
  • r2312wfqzs
  • r1208wftys
  • r2208wfqzs
  • r2312wf0np
  • r2208wftzsr
  • r2308wftzsr
  • s2600wftr
  • s2600wfq
  • r2308wftzs
  • r1208wftysr
  • r2208wfqzsr
  • r1304wf0ysr
  • r1304wftysr
  • s2600wf0r
  • s2600wft
  • r2312wftzs
  • r2208wf0zs
CWE
CWE-20

Improper Input Validation