Vulnerability Description
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Converged Security Management Engine Firmware | < 16.1.27 |
| Intel | B660 | - |
| Intel | H610 | - |
| Intel | H610E | - |
| Intel | H670 | - |
| Intel | Hm670 | - |
| Intel | Q670 | - |
| Intel | Q670E | - |
| Intel | R680E | - |
| Intel | W680 | - |
| Intel | Wm690 | - |
| Intel | Z690 | - |
| Intel | Atom X6200Fe | - |
| Intel | Atom X6211E | - |
| Intel | Atom X6212Re | - |
| Intel | Atom X6214Re | - |
| Intel | Atom X6413E | - |
| Intel | Atom X6414Re | - |
| Intel | Atom X6416Re | - |
| Intel | Atom X6425E | - |
Related Weaknesses (CWE)
References
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.hVendor Advisory
- https://security.netapp.com/advisory/ntap-20230824-0002/
- http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.hVendor Advisory
- https://security.netapp.com/advisory/ntap-20230824-0002/
FAQ
What is CVE-2022-38102?
CVE-2022-38102 is a vulnerability with a CVSS score of 7.2 (HIGH). Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of servic...
How severe is CVE-2022-38102?
CVE-2022-38102 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-38102?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Converged Security Management Engine Firmware, Intel B660, Intel H610, Intel H610E, Intel H670.