CVE-2022-36794

CWE-754CWE-1914 documents4 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 81.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Server Platform Services
Timeline
PublishedFeb 16

Description

Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages2 packages

NVDintel/server_platform_services< sps_e3_06.00.03.300.0
CVEListV5intel(r)_sps_firmwarebefore version SPS_E3_06.00.03.300.0

🔴Vulnerability Details

2
GHSA
GHSA-cvg5-hjh8-246x: Improper condition check in some Intel(R) SPS firmware before version SPS_E3_062023-02-16
CVEList
CVE-2022-36794: Improper condition check in some Intel(R) SPS firmware before version SPS_E3_062023-02-16
CVE-2022-36794 (MEDIUM CVSS 4.4) | Improper condition check in some In | cvebase.io