Vulnerability Description
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Converged Security Management Engine Firmware | < 11.12.94 |
| Intel | C232 | - |
| Intel | C236 | - |
| Intel | C420 | - |
| Intel | C422 | - |
| Intel | Cm236 | - |
| Intel | Cm238 | - |
| Intel | X299 | - |
| Intel | B150 | - |
| Intel | B250 | - |
| Intel | Core I3-8100 | - |
| Intel | Core I3-8100B | - |
| Intel | Core I3-8100H | - |
| Intel | Core I3-8100T | - |
| Intel | Core I3-8109U | - |
| Intel | Core I3-8130U | - |
| Intel | Core I3-8140U | - |
| Intel | Core I3-8145U | - |
| Intel | Core I3-8145Ue | - |
| Intel | Core I3-8300 | - |
Related Weaknesses (CWE)
References
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.hVendor Advisory
- https://security.netapp.com/advisory/ntap-20230824-0002/
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.hVendor Advisory
- https://security.netapp.com/advisory/ntap-20230824-0002/
FAQ
What is CVE-2022-36392?
CVE-2022-36392 is a vulnerability with a CVSS score of 8.6 (HIGH). Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME ma...
How severe is CVE-2022-36392?
CVE-2022-36392 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-36392?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Converged Security Management Engine Firmware, Intel C232, Intel C236, Intel C420, Intel C422.