Improper Condition Check in Intel SPS Firmware
CVE-2022-36794

6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Sps Firmware
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-36794?

A security flaw exists in certain versions of Intel SPS firmware, allowing a privileged user local access that could lead to a denial of service condition. This improper condition check in the firmware may enable unauthorized actions if exploited, emphasizing the necessity of updating to safeguard against potential threats. For detailed insights, refer to Intel's security advisory.

Affected Version(s)

Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Jul 28, 2022