Information Disclosure Vulnerability in 3rd Generation Intel Xeon Scalable Processors
CVE-2022-33972

6.1MEDIUM

Key Information:

Vendor: Intel
Status: 3rd Generation Intel(r) Xeon(r) Scalable Processors
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-33972?

A vulnerability exists in the microcode keying mechanism of certain 3rd Generation Intel Xeon Scalable Processors that could allow a privileged user to potentially disclose sensitive information through local access. This flaw emphasizes the importance of ensuring proper access controls and vigilance in security practices when handling sensitive data.

Affected Version(s)

3rd Generation Intel(R) Xeon(R) Scalable Processors See references

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jul 2, 2022