CVE-2022-37343
MEDIUMCVSS 6.7/10EPSS 0.16%
Last modified
CVE-2022-37343 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.. EPSS estimates a 0.16% chance of exploitation in the next 30 days.
Description
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Atom C3338r Firmware | All versions |
| Intel | Atom C3436l Firmware | All versions |
| Intel | Atom C3558r Firmware | All versions |
| Intel | Atom C3758r Firmware | All versions |
| Intel | Atom C3336 Firmware | All versions |
| Intel | Atom C3308 Firmware | All versions |
| Intel | Atom C3508 Firmware | All versions |
| Intel | Atom C3538 Firmware | All versions |
| Intel | Atom C3558 Firmware | All versions |
| Intel | Atom C3708 Firmware | All versions |
| Intel | Atom C3750 Firmware | All versions |
| Intel | Atom C3758 Firmware | All versions |
| Intel | Atom C3808 Firmware | All versions |
| Intel | Atom C3830 Firmware | All versions |
| Intel | Atom C3850 Firmware | All versions |
| Intel | Atom C3858 Firmware | All versions |
| Intel | Atom C3950 Firmware | All versions |
| Intel | Atom C3955 Firmware | All versions |
| Intel | Atom C3958 Firmware | All versions |
| Intel | Atom C3338 Firmware | All versions |
| Intel | Atom P5731 Firmware | All versions |
| Intel | Atom P5362 Firmware | All versions |
| Intel | Atom P5352 Firmware | All versions |
| Intel | Atom P5342 Firmware | All versions |
| Intel | Atom P5332 Firmware | All versions |
| Intel | Atom P5322 Firmware | All versions |
| Intel | Atom P5742 Firmware | All versions |
| Intel | Atom P5721 Firmware | All versions |
| Intel | Atom P5752 Firmware | All versions |
| Intel | Atom P5931b Firmware | All versions |
| Intel | Atom P5962b Firmware | All versions |
| Intel | Xeon D-2745nx Firmware | All versions |
| Intel | Xeon D-2757nx Firmware | All versions |
| Intel | Xeon D-2777nx Firmware | All versions |
| Intel | Xeon D-2798nx Firmware | All versions |
| Intel | Xeon D-1702 Firmware | All versions |
| Intel | Xeon D-1712tr Firmware | All versions |
| Intel | Xeon D-1713nt Firmware | All versions |
| Intel | Xeon D-1713nte Firmware | All versions |
| Intel | Xeon D-1714 Firmware | All versions |
| Intel | Xeon D-1715ter Firmware | All versions |
| Intel | Xeon D-1718t Firmware | All versions |
| Intel | Xeon D-1722ne Firmware | All versions |
| Intel | Xeon D-1726 Firmware | All versions |
| Intel | Xeon D-1732te Firmware | All versions |
| Intel | Xeon D-1733nt Firmware | All versions |
| Intel | Xeon D-1734nt Firmware | All versions |
| Intel | Xeon D-1735tr Firmware | All versions |
| Intel | Xeon D-1736 Firmware | All versions |
| Intel | Xeon D-1736nt Firmware | All versions |
Showing 50 of 114 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-37343?
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
How severe is CVE-2022-37343?
CVE-2022-37343 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.
How do I fix CVE-2022-37343?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2022-37343?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST