A potential security vulnerability in some Intel® Product Collaboration and Systems Division (PCSD) system BIOS may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2022-34657
Description: Improper input validation in firmware for some Intel® PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Intel® PCSD BIOS before version 02.01.0013 in the following products:
Intel recommends updating Intel® PCSD BIOS to version 02.01.0013 or later.
Updates are available for download at this location:
<https://www.intel.com/content/www/us/en/download/19078/>
This issue was found internally by an Intel employee. Intel would like to thank Jorge Gonzalez Diaz.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.