Lucene search
HistoryNov 14, 2023 - 7:15 p.m.
CVE-2022-24379
input validation
intel server
bios
privilege escalation
local access
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Improper input validation in some Intelยฎ Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access.
Affected configurations
Node
intelserver_board_m70klp2sb_firmwareRange<01.04.0022
intelserver_board_m70klp2sbMatch-
Node
intelserver_system_m70klp4s2uhh_firmwareRange<01.04.0022
intelserver_system_m70klp4s2uhhMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | server_board_m70klp2sb_firmware | * | cpe:2.3:o:intel:server_board_m70klp2sb_firmware:*:*:*:*:*:*:*:* |
| intel | server_board_m70klp2sb | - | cpe:2.3:h:intel:server_board_m70klp2sb:-:*:*:*:*:*:*:* |
| intel | server_system_m70klp4s2uhh_firmware | * | cpe:2.3:o:intel:server_system_m70klp4s2uhh_firmware:*:*:*:*:*:*:*:* |
| intel | server_system_m70klp4s2uhh | - | cpe:2.3:h:intel:server_system_m70klp4s2uhh:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-24379
2023-11-14 19:05:10
prion
prion
Input validation
2023-11-14 19:15:00
vulnrichment
vulnrichment
CVE-2022-24379
2023-11-14 19:05:10
cve
cve
CVE-2022-24379
2023-11-14 19:15:10
intel
intel
Intelยฎ Server Board and Server System Firmware Advisory
2023-11-14 00:00:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2022-24379