CVE-2022-26343

high-risk

Published 2023-02-16

Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.2/10 High

LOCAL / LOW complexity

Affected Products (20)

Xeon Bronze 3104 Firmware

Xeon Bronze 3106 Firmware

Xeon Bronze 3204 Firmware

Xeon Bronze 3206R Firmware

Xeon D-1513N Firmware

Xeon D-1518 Firmware

Xeon D-1520 Firmware

Xeon D-1521 Firmware

Xeon D-1523N Firmware

Xeon D-1527 Firmware

Xeon D-1528 Firmware

Xeon D-1529 Firmware

Xeon D-1531 Firmware

Xeon D-1533N Firmware

Xeon D-1537 Firmware

Xeon D-1539 Firmware

Xeon D-1540 Firmware

Xeon D-1541 Firmware

Xeon D-1543N Firmware

Xeon D-1548 Firmware

Affected Vendors

Intel

References (2)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.h...

/ 100

high-risk

Severity 25/34 · High

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical