CVE-2022-37343

high-risk
Published 2023-08-11

Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.2/10 High
LOCAL / HIGH complexity

Affected Products (20)

Atom C3338R Firmware
Atom C3436L Firmware
Atom C3558R Firmware
Atom C3758R Firmware
Atom C3336 Firmware
Atom C3308 Firmware
Atom C3508 Firmware
Atom C3538 Firmware
Atom C3558 Firmware
Atom C3708 Firmware
Atom C3750 Firmware
Atom C3758 Firmware
Atom C3808 Firmware
Atom C3830 Firmware
Atom C3850 Firmware
Atom C3858 Firmware
Atom C3950 Firmware
Atom C3955 Firmware
Atom C3958 Firmware
Atom C3338 Firmware

Affected Vendors

Intel

References (4)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...
https://security.netapp.com/advisory/ntap-20230824-0001/
Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...
https://security.netapp.com/advisory/ntap-20230824-0001/
50
/ 100
high-risk
Severity 19/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 31/34 · Critical