CVE-2022-26873 : A potential attacker can execute an arbitrary code at the time of the PEI phase

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: PlatformInitAdvancedPreMem SHA256: 644044fdb8daea30a7820e0f5f88dbf5cd460af72fbf70418e9d2e47efed8d9b Module GUID: EEEE611D-F78F-4FB9-B868-55907F169280 This issue affects: AMI Aptio 5.x.

Published 2022-09-20 18:15:10

Updated 2022-09-26 13:49:58

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2022-26873

Intel » Nuc M15 Laptop Kit Lapbc510 Firmware » Version: N/A
cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc510_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Nuc M15 Laptop Kit Lapbc510 » Version: N/A
Intel » Nuc M15 Laptop Kit Lapbc710 Firmware » Version: N/A
cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc710_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Nuc M15 Laptop Kit Lapbc710 » Version: N/A
AMI » Aptio V » Version: 5.0
cpe:2.3:o:ami:aptio_v:5.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-26873

EPSS FAQ

0.02%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 4 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-26873

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.2	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	1.5	6.0	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2022-26873

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Assigned by: cret@cert.org (Secondary)
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-26873

https://www.binarly.io/advisories/BRLY-2022-027

[BRLY-2022-027] The stack buffer overflow vulnerability leads to arbitrary code execution during PEI phase on Intel platform.
Exploit;Third Party Advisory
https://www.ami.com/security-center/

AMI Firmware Security Team
Vendor Advisory

CVEs referencing this url
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00712.html

INTEL-SA-00712
Not Applicable;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-26873

Products affected by CVE-2022-26873

Exploit prediction scoring system (EPSS) score for CVE-2022-26873

CVSS scores for CVE-2022-26873

CWE ids for CVE-2022-26873

References for CVE-2022-26873