CVE-2022-30539

moderate-risk
Published 2023-02-16

Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Do I need to act?

-
0.11% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
LOCAL / HIGH complexity

Affected Products (20)

Xeon Gold 5315Y Firmware
Xeon Gold 5317 Firmware
Xeon Gold 5318N Firmware
Xeon Gold 5318S Firmware
Xeon Gold 5318Y Firmware
Xeon Gold 5320 Firmware
Xeon Gold 5320T Firmware
Xeon Gold 6312U Firmware
Xeon Gold 6314U Firmware
Xeon Gold 6326 Firmware
Xeon Gold 6330 Firmware
Xeon Gold 6330N Firmware
Xeon Gold 6334 Firmware
Xeon Gold 6336Y Firmware
Xeon Gold 6338 Firmware
Xeon Gold 6338N Firmware
Xeon Gold 6338T Firmware
Xeon Gold 6342 Firmware
Xeon Gold 6346 Firmware
Xeon Gold 6348 Firmware

Affected Vendors

Intel

References (2)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.h...
Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.h...
46
/ 100
moderate-risk
Severity 20/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 26/34 · High