CVE-2022-38102

Summary

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) Converged Security and Management Enginebefore versions 15.0.45, and 16.1.27affected

Weaknesses

  • denial of service
  • CWE-20: Improper Input validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References