CVE-2022-34301 — Vulnetix

CVE-2022-34301 PUBLISHED

Es bestehen mehrere Schwachstellen in der Intel Firmware. Diese Fehler betreffen die UEFI-Firmware bestimmter Intel Server-Produkte aufgrund von unsachgemäßer Eingabevalidierung, Use-after-free-Fehlern und unzureichender Zugriffskontrolle. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um sich erweiterte Rechte zu verschaffen und vertrauliche Informationen preiszugeben. Um einige dieser Schwachstellen auszunutzen, muss ein Angreifer zusätzliche Maßnahmen ergreifen, oder er muss über erweiterte Rechte verfügen.

EPSS 0.12% · 31.2th percentile

Risk Scores

EPSS Score

0.12%

31.2th percentile

Affected Products

Vendor	Product	Versions
Oracle	Oracle Linux
Dell	Dell BIOS Precision
HPE	HPE Synergy
Red Hat	Red Hat OpenShift Container Platform <4.14.0
Gentoo	Gentoo Linux
Debian	Debian Linux
SUSE	SUSE Linux
HP	HP Computer SimpliVity Server
HP	HP Computer
RESF	RESF Rocky Linux
Red Hat	Red Hat Enterprise Linux
Red Hat	Red Hat Enterprise Linux 9
Intel	Intel Firmware Server Board M20NTP Family
Dell	Dell PowerScale OneFS
Ubuntu	Ubuntu Linux
Red Hat	Red Hat OpenShift Data Foundation 4
HPE	HPE ProLiant
Intel	Intel Firmware Server Board M10JNP2SB Family
Fedora	Fedora Linux
Intel	Intel Firmware Server Board M70KLP Family <v01.04.0030

…and 5 more

Exploit Intelligence

cvrf.go (github-poc)
cvrf.go (github-poc)
cvrf.go (github-poc)
cvrf.go (github-poc)
cvrf.go (github-poc)

Timeline

Aug 26, 2022 CVE Published
Aug 27, 2022 EPSS Score
Sep 2, 2022 EPSS Score
Oct 12, 2022 EPSS Score
Nov 26, 2022 EPSS Score
Jan 11, 2023 EPSS Score
Feb 25, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 12, 2023 EPSS Score
Jul 12, 2023 EPSS Score
Aug 27, 2023 EPSS Score
Oct 11, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1185.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1185 advisory
https://access.redhat.com/errata/RHSA-2023:2161 advisory
https://access.redhat.com/errata/RHSA-2023:2177 advisory
https://access.redhat.com/errata/RHSA-2023:2179 advisory
https://access.redhat.com/errata/RHSA-2023:2202 advisory
https://access.redhat.com/errata/RHSA-2023:2216 advisory
https://access.redhat.com/errata/RHSA-2023:2234 advisory
https://access.redhat.com/errata/RHSA-2023:2256 advisory
https://access.redhat.com/errata/RHSA-2023:2258 advisory
https://access.redhat.com/errata/RHSA-2023:2326 advisory
https://access.redhat.com/errata/RHSA-2023:2370 advisory
https://access.redhat.com/errata/RHSA-2023:2459 advisory
https://access.redhat.com/errata/RHSA-2023:2487 advisory
https://access.redhat.com/errata/RHSA-2023:2582 advisory
https://access.redhat.com/errata/RHSA-2023:2589 advisory
https://access.redhat.com/errata/RHSA-2023:2653 advisory
https://access.redhat.com/errata/RHSA-2023:2633 advisory
https://access.redhat.com/errata/RHSA-2023:2893 advisory
https://access.redhat.com/errata/RHSA-2023:3067 advisory

…and 62 more

Open in Interactive Console →