CVE-2022-38090
high-risk
Published 2023-02-16
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.0/10
Medium
LOCAL
/ LOW complexity
Affected Products (20)
Xeon Gold 5315Y Firmware
Xeon Gold 5317 Firmware
Xeon Gold 5318N Firmware
Xeon Gold 5318S Firmware
Xeon Gold 5318Y Firmware
Xeon Gold 5320 Firmware
Xeon Gold 5320T Firmware
Xeon Gold 6312U Firmware
Xeon Gold 6314U Firmware
Xeon Gold 6326 Firmware
Xeon Gold 6330 Firmware
Xeon Gold 6330N Firmware
Xeon Gold 6334 Firmware
Xeon Gold 6336Y Firmware
Xeon Gold 6338 Firmware
Xeon Gold 6338N Firmware
Xeon Gold 6338T Firmware
Xeon Gold 6342 Firmware
Xeon Gold 6346 Firmware
Xeon Gold 6348 Firmware
Affected Vendors
References (2)
53
/ 100
high-risk
Severity
20/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
33/34 · Critical