CVE-2022-44611

high-risk

Published 2023-08-11

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.9/10 Medium

ADJACENT_NETWORK / HIGH complexity

Affected Products (20)

Celeron J6413 Firmware

Celeron N6211 Firmware

Pentium J6425 Firmware

Pentium N6415 Firmware

Atom X6211E Firmware

Atom X6413E Firmware

Atom X6425E Firmware

Atom X6212Re Firmware

Atom X6414Re Firmware

Atom X6425Re Firmware

Atom X6427Fe Firmware

Atom X6200Fe Firmware

Xeon W-1350 Firmware

Xeon W-1350P Firmware

Xeon W-1370 Firmware

Xeon W-1370P Firmware

Xeon W-1390 Firmware

Xeon W-1390P Firmware

Xeon W-1390T Firmware

Core I9-8950Hk Firmware

Affected Vendors

Intel

References (4)

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...

https://security.netapp.com/advisory/ntap-20230824-0001/

Vendor Advisory http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.h...

https://security.netapp.com/advisory/ntap-20230824-0001/

/ 100

high-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical