CVE-2022-24379

Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:intel:server_board_m70klp2sb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_board_m70klp2sb:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:intel:server_system_m70klp4s2uhh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:server_system_m70klp4s2uhh:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:50

Type Values Removed Values Added
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html - Patch, Vendor Advisory () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : 6.7
v2 : unknown
v3 : 7.5

20 Nov 2023, 20:53

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-14 19:15

Updated : 2024-11-21 06:50


NVD link : CVE-2022-24379

Mitre link : CVE-2022-24379

CVE.ORG link : CVE-2022-24379


JSON object : View

Products Affected

intel

  • server_board_m70klp2sb_firmware
  • server_board_m70klp2sb
  • server_system_m70klp4s2uhh_firmware
  • server_system_m70klp4s2uhh
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo