CVE-2022-36382

Name: CVE-2022-36382
Creator: NVD / NIST
Published: 2023-02-16T21:15:13.353+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.4/10EPSS 0.19%

Last modified Jun 17, 2026

CVE-2022-36382 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.. EPSS estimates a 0.19% chance of exploitation in the next 30 days.

Description

Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.

Metrics

CVSS 3.1

4.4/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.19%

8.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions
Intel	Ethernet Network Controller E810-Cam1 Firmware	< 1.7.0.8
Intel	Ethernet Network Controller E810-Cam2 Firmware	< 1.7.0.8
Intel	Ethernet Network Controller E810-Xxvam2 Firmware	< 1.7.0.8
Intel	Ethernet Controller X710-Am2 Firmware	< 9.101
Intel	Ethernet Controller X710-Bm2 Firmware	< 9.101
Intel	Ethernet Controller Xl710-Am1 Firmware	< 9.101
Intel	Ethernet Controller Xl710-Am2 Firmware	< 9.101
Intel	Ethernet Controller Xl710-Bm1 Firmware	< 9.101
Intel	Ethernet Controller Xl710-Bm2 Firmware	< 9.101
Intel	Ethernet Controller Xxv710-Am1 Firmware	< 9.101
Intel	Ethernet Controller Xxv710-Am2 Firmware	< 9.101
Intel	Ethernet Converged Network Adapter X710-Da2 Firmware	< 9.101
Intel	Ethernet Converged Network Adapter X710-Da4 Firmware	< 9.101
Intel	Ethernet Converged Network Adapter Xl710-Da1 Firmware	< 9.101
Intel	Ethernet Converged Network Adapter Xl710-Da2 Firmware	< 9.101

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00754.htmlVendor Advisory
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00754.htmlVendor Advisory

Timeline

Published: Feb 16, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-36382?

How severe is CVE-2022-36382?

CVE-2022-36382 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 0.19% probability of exploitation in the next 30 days.

How do I fix CVE-2022-36382?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-36382?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST