CVE-2022-43505

moderate-risk

Published 2023-08-11

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.1/10 Medium

LOCAL / HIGH complexity

Affected Products (20)

Pentium J6426 Firmware

Pentium J4205 Firmware

Pentium J3710 Firmware

Pentium J2900 Firmware

Pentium J2850 Firmware

Pentium N6415 Firmware

Pentium N4200E Firmware

Pentium N4200 Firmware

Pentium N3710 Firmware

Pentium N3700 Firmware

Pentium N3540 Firmware

Pentium N3530 Firmware

Pentium N3520 Firmware

Pentium N3510 Firmware

Celeron J6412 Firmware

Celeron J6413 Firmware

Celeron J4025 Firmware

Celeron J4125 Firmware

Celeron J3355E Firmware

Celeron J3455E Firmware

Affected Vendors

Intel

References (4)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...

https://security.netapp.com/advisory/ntap-20230824-0001/

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...

https://security.netapp.com/advisory/ntap-20230824-0001/

/ 100

moderate-risk

Severity 11/34 · Low

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical