Vulnerability Details : CVE-2022-29262
Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Products affected by CVE-2022-29262
- cpe:2.3:o:intel:server_board_m10jnp2sb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_m70klp2sb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_m70klp4s2uhh_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_m20ntp2sb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_m20ntp1ur304_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bpbr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bps_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bpsr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bpqr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bpb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_board_s2600bpq_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpblcr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpblc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpblc24r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bps_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bps24_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpbr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpqr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpsr_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bps24r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpq24r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpb24_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpb_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpblc24_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpq_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_hns2600bpq24_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:compute_module_liquid-cooled_hns2600bpbrct_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_vrn2224bpaf6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_vrn2224bphy6_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_mcb2208wfaf5_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_zsb2224bpaf2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_zsb2224bphy1_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:intel:server_system_zsb2224bpaf1_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-29262
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-29262
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.7
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
NIST | |
7.9
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H |
1.5
|
5.8
|
Intel Corporation |
CWE ids for CVE-2022-29262
-
Assigned by: secure@intel.com (Secondary)
References for CVE-2022-29262
-
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html
INTEL-SA-00719Patch;Vendor Advisory
Jump to