CVE-2022-0004 — Intel Atom X5-e3930 Firmware vulnerability

3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

0.3%

top 44.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

356

Intel Atom X5-e3930 Firmware Intel Atom X5-e3940 Firmware Intel Atom X6200fe Firmware +353 more

Timeline

PublishedMay 12

Latest updateMay 13

Description

Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages356 packages

▶NVDintel/c232_firmware< 11.8.92

▶NVDintel/c236_firmware< 11.8.92

▶NVDintel/c242_firmware< 12.0.90

▶NVDintel/c246_firmware< 12.0.90

▶NVDintel/c420_firmware< 11.12.92

🔴Vulnerability Details

GHSA

GHSA-qcfq-hp3w-9892: Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may↗2022-05-13

▶

📋Vendor Advisories

VMware

VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)↗2022-02-15

▶