CVE-2022-38102

Published: Aug 11, 2023Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.8 / Impact: 3.6

Source: NVD

Description

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Affected (2)

Products: Intel: Converged Security Management Engine Firmware

Intel

1 product

Converged Security Management Engine Firmware

Configuration A

1 vulnerable · 11 platform

Vulnerable Software	Affected Versions
Intel Converged Security Management Engine Firmware	Before 16.1.27

Running on/with	Platform Versions
Intel B660	All versions
Intel H610	All versions
Intel H610e	All versions
Intel H670	All versions
Intel Hm670	All versions
Intel Q670	All versions
Intel Q670e	All versions
Intel R680e	All versions
Intel W680	All versions
Intel Wm690	All versions
Intel Z690	All versions

Configuration B

1 vulnerable · 86 platform

Vulnerable Software	Affected Versions
Intel Converged Security Management Engine Firmware	Before 15.0.45

Running on/with	Platform Versions
Intel Atom X6200fe	All versions
Intel Atom X6211e	All versions
Intel Atom X6212re	All versions
Intel Atom X6214re	All versions
Intel Atom X6413e	All versions
Intel Atom X6414re	All versions
Intel Atom X6416re	All versions
Intel Atom X6425e	All versions
Intel Atom X6425re	All versions
Intel Atom X6427fe	All versions
Intel B560	All versions
Intel C252	All versions
Intel C256	All versions
Intel Celeron J1750	All versions
Intel Celeron J1800	All versions
Intel Celeron J1850	All versions
Intel Celeron J1900	All versions
Intel Celeron J3060	All versions
Intel Celeron J3160	All versions
Intel Celeron J3355	All versions
Intel Celeron J3355e	All versions
Intel Celeron J3455	All versions
Intel Celeron J3455e	All versions
Intel Celeron J4005	All versions
Intel Celeron J4025	All versions
Intel Celeron J4105	All versions
Intel Celeron J4125	All versions
Intel Celeron J6412	All versions
Intel Celeron J6413	All versions
Intel Celeron N2805	All versions
Intel Celeron N2806	All versions
Intel Celeron N2807	All versions
Intel Celeron N2808	All versions
Intel Celeron N2810	All versions
Intel Celeron N2815	All versions
Intel Celeron N2820	All versions
Intel Celeron N2830	All versions
Intel Celeron N2840	All versions
Intel Celeron N2910	All versions
Intel Celeron N2920	All versions
Intel Celeron N2930	All versions
Intel Celeron N2940	All versions
Intel Celeron N3000	All versions
Intel Celeron N3010	All versions
Intel Celeron N3050	All versions
Intel Celeron N3060	All versions
Intel Celeron N3150	All versions
Intel Celeron N3160	All versions
Intel Celeron N3350	All versions
Intel Celeron N3350e	All versions
Intel Celeron N3450	All versions
Intel Celeron N4000	All versions
Intel Celeron N4020	All versions
Intel Celeron N4100	All versions
Intel Celeron N4120	All versions
Intel Celeron N4500	All versions
Intel Celeron N4505	All versions
Intel Celeron N5100	All versions
Intel Celeron N5105	All versions
Intel Celeron N6210	All versions
Intel Celeron N6211	All versions
Intel H510	All versions
Intel H570	All versions
Intel Hm570	All versions
Intel Hm570e	All versions
Intel Pentium J2850	All versions
Intel Pentium J2900	All versions
Intel Pentium J3710	All versions
Intel Pentium J4205	All versions
Intel Pentium J6426	All versions
Intel Pentium N3510	All versions
Intel Pentium N3520	All versions
Intel Pentium N3530	All versions
Intel Pentium N3540	All versions
Intel Pentium N3700	All versions
Intel Pentium N3710	All versions
Intel Pentium N4200	All versions
Intel Pentium N4200e	All versions
Intel Pentium N6415	All versions
Intel Q570	All versions
Intel Qm580	All versions
Intel Qm580e	All versions
Intel Rm590e	All versions
Intel W580	All versions
Intel Wm590	All versions
Intel Z590	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html

Source: secure@intel.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230824-0002/

Source: secure@intel.com

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://security.netapp.com/advisory/ntap-20230824-0002/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.