CVE-2022-34657

Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

CVSS v3 4.4 MEDIUM

4.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:intel:r1208wfqysr:-:::::::*
	cpe:2.3:h:intel:r1208wftys:-:::::::*
	cpe:2.3:h:intel:r1208wftysr:-:::::::*
	cpe:2.3:h:intel:r1304wf0ys:-:::::::*
	cpe:2.3:h:intel:r1304wf0ysr:-:::::::*
	cpe:2.3:h:intel:r1304wftys:-:::::::*
	cpe:2.3:h:intel:r1304wftysr:-:::::::*
	cpe:2.3:h:intel:r2208wf0zs:-:::::::*
	cpe:2.3:h:intel:r2208wf0zsr:-:::::::*
	cpe:2.3:h:intel:r2208wfqzs:-:::::::*
	cpe:2.3:h:intel:r2208wfqzsr:-:::::::*
	cpe:2.3:h:intel:r2208wftzs:-:::::::*
	cpe:2.3:h:intel:r2208wftzsr:-:::::::*
	cpe:2.3:h:intel:r2224wfqzs:-:::::::*
	cpe:2.3:h:intel:r2224wftzs:-:::::::*
	cpe:2.3:h:intel:r2224wftzsr:-:::::::*
	cpe:2.3:h:intel:r2308wftzs:-:::::::*
	cpe:2.3:h:intel:r2308wftzsr:-:::::::*
	cpe:2.3:h:intel:r2312wf0np:-:::::::*
	cpe:2.3:h:intel:r2312wf0npr:-:::::::*
	cpe:2.3:h:intel:r2312wfqzs:-:::::::*
	cpe:2.3:h:intel:r2312wftzs:-:::::::*
	cpe:2.3:h:intel:r2312wftzsr:-:::::::*
	cpe:2.3:h:intel:s2600wf0:-:::::::*
	cpe:2.3:h:intel:s2600wf0r:-:::::::*
	cpe:2.3:h:intel:s2600wfq:-:::::::*
	cpe:2.3:h:intel:s2600wfqr:-:::::::*
	cpe:2.3:h:intel:s2600wft:-:::::::*
	cpe:2.3:h:intel:s2600wftf:-:::::::*
	cpe:2.3:h:intel:s2600wftr:-:::::::*

cpe:2.3:o:intel:pcsd_bios:*:*:*:*:*:*:*:*

History

17 Aug 2023, 14:41

Type	Values Removed	Values Added
CWE		CWE-20
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.4
References	~~(MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html -~~	(MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html - Vendor Advisory
CPE		cpe:2.3:h:intel:r1304wftys:-:::::::* cpe:2.3:h:intel:r2208wfqzs:-:::::::* cpe:2.3:h:intel:r2208wftzs:-:::::::* cpe:2.3:h:intel:r2312wftzsr:-:::::::* cpe:2.3:o:intel:pcsd_bios:::::::: cpe:2.3:h:intel:r2224wfqzs:-:::::::* cpe:2.3:h:intel:r2312wftzs:-:::::::* cpe:2.3:h:intel:r2208wf0zs:-:::::::* cpe:2.3:h:intel:r1304wf0ys:-:::::::* cpe:2.3:h:intel:r2208wf0zsr:-:::::::* cpe:2.3:h:intel:s2600wft:-:::::::* cpe:2.3:h:intel:r1304wftysr:-:::::::* cpe:2.3:h:intel:r2308wftzs:-:::::::* cpe:2.3:h:intel:r2312wfqzs:-:::::::* cpe:2.3:h:intel:s2600wftr:-:::::::* cpe:2.3:h:intel:s2600wftf:-:::::::* cpe:2.3:h:intel:r2308wftzsr:-:::::::* cpe:2.3:h:intel:r1304wf0ysr:-:::::::* cpe:2.3:h:intel:s2600wf0:-:::::::* cpe:2.3:h:intel:s2600wf0r:-:::::::* cpe:2.3:h:intel:r2224wftzs:-:::::::* cpe:2.3:h:intel:s2600wfqr:-:::::::* cpe:2.3:h:intel:r1208wfqysr:-:::::::* cpe:2.3:h:intel:r1208wftysr:-:::::::* cpe:2.3:h:intel:r1208wftys:-:::::::* cpe:2.3:h:intel:r2312wf0npr:-:::::::* cpe:2.3:h:intel:s2600wfq:-:::::::* cpe:2.3:h:intel:r2208wftzsr:-:::::::* cpe:2.3:h:intel:r2208wfqzsr:-:::::::* cpe:2.3:h:intel:r2224wftzsr:-:::::::* cpe:2.3:h:intel:r2312wf0np:-:::::::*

11 Aug 2023, 03:44

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-11 03:15

Updated : 2024-02-05 00:01

NVD link : CVE-2022-34657

Mitre link : CVE-2022-34657

CVE.ORG link : CVE-2022-34657

JSON object : View

Products Affected

intel

r1208wftys
r1304wf0ysr
r2208wf0zs
r2208wf0zsr
r1304wf0ys
pcsd_bios
r1208wfqysr
r2312wfqzs
r2312wftzs
s2600wft
s2600wf0r
r2312wf0np
r1208wftysr
r2208wfqzs
r2312wftzsr
r1304wftysr
s2600wftf
r2308wftzs
r2224wftzsr
s2600wf0
s2600wftr
r2224wftzs
r2312wf0npr
r2224wfqzs
r2308wftzsr
r2208wftzsr
s2600wfqr
r1304wftys
s2600wfq
r2208wftzs
r2208wfqzsr

CWE

CWE-20

Improper Input Validation

4.4 /10