CVE-2022-0004

high-risk

Published 2022-05-12

Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Do I need to act?

0.33% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.8/10 Medium

PHYSICAL / LOW complexity

Affected Products (20)

Core I9-10885H Firmware

Core I9-10850K Firmware

Core I9-10850H Firmware

Core I7-10875H Firmware

Core I7-10870H Firmware

Core I7-10850H Firmware

Core I7-10810U Firmware

Core I7-10750H Firmware

Core I7-10710U Firmware

Core I7-10700Te Firmware

Core I7-10700T Firmware

Core I7-10700Kf Firmware

Core I7-10700K Firmware

Core I7-10700F Firmware

Core I7-10510U Firmware

Core I7-10510Y Firmware

Core I7-10700 Firmware

Core I7-10700E Firmware

Core I5-10600K Firmware

Core I5-10610U Firmware

Affected Vendors

Intel

References (2)

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613....

/ 100

high-risk

Severity 22/34 · High

Exploitability 1/34 · Minimal

Exposure 33/34 · Critical