Input Validation Flaw in Intel VROC Software
CVE-2022-25976

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Vroc Software
Vendor: CVE Published:; 10 May 2023

What is CVE-2022-25976?

An input validation issue in Intel VROC software versions earlier than 7.7.6.1003 allows authenticated users to potentially perform denial of service attacks by exploiting local access. This vulnerability underscores the importance of robust input validation practices to secure systems against unauthorized access and service disruptions. For detailed mitigation strategies and updates, refer to the Intel Security Advisory at the provided link.

Affected Version(s)

Intel(R) VROC software before version 7.7.6.1003

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
May 11, 2022