CVE-2022-36392
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 11.12.94 |
| Running on/with | Platform Versions |
|---|---|
Intel C232 | All versions |
Intel C236 | All versions |
Intel C420 | All versions |
Intel C422 | All versions |
Intel Cm236 | All versions |
Intel Cm238 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 11.8.94 |
| Running on/with | Platform Versions |
|---|---|
Intel B150 | All versions |
Intel B250 | All versions |
Intel H110 | All versions |
Intel H170 | All versions |
Intel H270 | All versions |
Intel Hm170 | All versions |
Intel Hm175 | All versions |
Intel Q150 | All versions |
Intel Q170 | All versions |
Intel Q250 | All versions |
Intel Q270 | All versions |
Intel Qm170 | All versions |
Intel Qm175 | All versions |
Intel X299 | All versions |
Intel Z170 | All versions |
Intel Z270 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 12.0.93 |
| Running on/with | Platform Versions |
|---|---|
Intel B360 | All versions |
Intel B365 | All versions |
Intel C242 | All versions |
Intel C246 | All versions |
Intel Celeron 4205u | All versions |
Intel Celeron 4305u | All versions |
Intel Celeron 4305ue | All versions |
Intel Cm246 | All versions |
Intel Core I3 8100 | All versions |
Intel Core I3 8100b | All versions |
Intel Core I3 8100h | All versions |
Intel Core I3 8100t | All versions |
Intel Core I3 8109u | All versions |
Intel Core I3 8130u | All versions |
Intel Core I3 8140u | All versions |
Intel Core I3 8145u | All versions |
Intel Core I3 8145ue | All versions |
Intel Core I3 8300 | All versions |
Intel Core I3 8300t | All versions |
Intel Core I3 8350k | All versions |
Intel Core I5 8200y | All versions |
Intel Core I5 8210y | All versions |
Intel Core I5 8250u | All versions |
Intel Core I5 8257u | All versions |
Intel Core I5 8259u | All versions |
Intel Core I5 8260u | All versions |
Intel Core I5 8265u | All versions |
Intel Core I5 8269u | All versions |
Intel Core I5 8279u | All versions |
Intel Core I5 8300h | All versions |
Intel Core I5 8305g | All versions |
Intel Core I5 8310y | All versions |
Intel Core I5 8350u | All versions |
Intel Core I5 8365u | All versions |
Intel Core I5 8365ue | All versions |
Intel Core I5 8400 | All versions |
Intel Core I5 8400b | All versions |
Intel Core I5 8400h | All versions |
Intel Core I5 8400t | All versions |
Intel Core I5 8500 | All versions |
Intel Core I5 8500b | All versions |
Intel Core I5 8500t | All versions |
Intel Core I5 8600 | All versions |
Intel Core I5 8600k | All versions |
Intel Core I5 8600t | All versions |
Intel Core I7+8700 | All versions |
Intel Core I7 8086k | All versions |
Intel Core I7 8500y | All versions |
Intel Core I7 8550u | All versions |
Intel Core I7 8557u | All versions |
Intel Core I7 8559u | All versions |
Intel Core I7 8565u | All versions |
Intel Core I7 8569u | All versions |
Intel Core I7 8650u | All versions |
Intel Core I7 8665u | All versions |
Intel Core I7 8665ue | All versions |
Intel Core I7 8700 | All versions |
Intel Core I7 8700b | All versions |
Intel Core I7 8700k | All versions |
Intel Core I7 8700t | All versions |
Intel Core I7 8705g | All versions |
Intel Core I7 8706g | All versions |
Intel Core I7 8709g | All versions |
Intel Core I7 8750h | All versions |
Intel Core I7 8809g | All versions |
Intel Core I7 8850h | All versions |
Intel Core I9 8950hk | All versions |
Intel Core M3 8100y | All versions |
Intel H310 | All versions |
Intel H370 | All versions |
Intel Hm370 | All versions |
Intel Pentium Gold 5405u | All versions |
Intel Q370 | All versions |
Intel Qm370 | All versions |
Intel Z370 | All versions |
Intel Z390 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 14.1.70 |
| Running on/with | Platform Versions |
|---|---|
Intel B460 | All versions |
Intel H410 | All versions |
Intel H420e | All versions |
Intel H470 | All versions |
Intel Hm470 | All versions |
Intel Q470 | All versions |
Intel Q470e | All versions |
Intel Qm480 | All versions |
Intel W480 | All versions |
Intel W480e | All versions |
Intel Wm490 | All versions |
Intel Z490 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 15.0.45 |
| Running on/with | Platform Versions |
|---|---|
Intel B560 | All versions |
Intel H510 | All versions |
Intel H570 | All versions |
Intel Hm570 | All versions |
Intel Hm570e | All versions |
Intel Q570 | All versions |
Intel Qm580 | All versions |
Intel Qm580e | All versions |
Intel Rm590e | All versions |
Intel W580 | All versions |
Intel Wm590 | All versions |
Intel Z590 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 16.1.27 |
| Running on/with | Platform Versions |
|---|---|
Intel B660 | All versions |
Intel H610 | All versions |
Intel H610e | All versions |
Intel H670 | All versions |
Intel Hm670 | All versions |
Intel Q670 | All versions |
Intel Q670e | All versions |
Intel R680e | All versions |
Intel W680 | All versions |
Intel Wm690 | All versions |
Intel Z690 | All versions |
Related CWEs
CWE-116
Improper Encoding or Escaping of Output
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
CWE-20
Improper Input Validation
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
References (4)
Source: secure@intel.com
Vendor Advisory
Source: secure@intel.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.