CVE-2023-22276

CWE-421 CWE-362 — Race Condition3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.0%

top 91.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Ethernet Network Controller E810-cam1 Firmware Intel Ethernet Network Controller E810-cam2 Firmware Intel Ethernet Network Controller E810-xxvam2 Firmware

Timeline

PublishedAug 11

Description

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages4 packages

▶CVEListV5intel(r)_ethernet_controllers_and_adapters_e810_seriesbefore version 1.7.2.4

▶NVDintel/ethernet_network_controller_e810-cam1_firmware< 1.7.2.4

▶NVDintel/ethernet_network_controller_e810-cam2_firmware< 1.7.2.4

▶NVDintel/ethernet_network_controller_e810-xxvam2_firmware< 1.7.2.4

🔴Vulnerability Details

CVEList

CVE-2023-22276: Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1↗2023-08-11

▶

GHSA

GHSA-4w59-2w8q-ghq2: Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1↗2023-08-11

▶