Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-33945
PUBLISHED
More InfoOfficial Page
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
View Known Exploited Vulnerability (KEV) details
Published At-14 Nov, 2023 | 19:05
Updated At-14 Aug, 2024 | 20:01
Rejected At-
▼CVE Numbering Authority (CNA)

Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Server board and Intel(R) Server System BIOS firmware
Default Status
unaffected
Versions
Affected
  • See references
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-20Improper input validation
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-20
Description: Improper input validation
Metrics
VersionBase scoreBase severityVector
3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00719.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Intel Corporationintel
Product
server_m20ntp_family
CPEs
  • cpe:2.3:o:intel:server_m20ntp_family:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 0022.D02 (custom)
Vendor
Intel Corporationintel
Product
server_system_m70klp_family
CPEs
  • cpe:2.3:o:intel:server_system_m70klp_family:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 01.04.0029 (custom)
Vendor
Intel Corporationintel
Product
server_board_m10jnp2sb_family
CPEs
  • cpe:2.3:o:intel:server_board_m10jnp2sb_family:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 7.219 (custom)
Vendor
Intel Corporationintel
Product
server_board_s2600bp_family
CPEs
  • cpe:2.3:o:intel:server_board_s2600bp_family:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 02.01.0015 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found