CVE-2022-36392 - Vulnerability Details

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00113.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSME

unaffected

Version	Status	Constraints
`before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27`	affected	—

Configuration 1 [-]

AND

cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:c232:-:::::::*
	cpe:2.3:h:intel:c236:-:::::::*
	cpe:2.3:h:intel:c420:-:::::::*
	cpe:2.3:h:intel:c422:-:::::::*
	cpe:2.3:h:intel:cm236:-:::::::*
	cpe:2.3:h:intel:cm238:-:::::::*
	cpe:2.3:h:intel:x299:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:b150:-:::::::*
	cpe:2.3:h:intel:b250:-:::::::*
	cpe:2.3:h:intel:core_i3-8100:-:::::::*
	cpe:2.3:h:intel:core_i3-8100b:-:::::::*
	cpe:2.3:h:intel:core_i3-8100h:-:::::::*
	cpe:2.3:h:intel:core_i3-8100t:-:::::::*
	cpe:2.3:h:intel:core_i3-8109u:-:::::::*
	cpe:2.3:h:intel:core_i3-8130u:-:::::::*
	cpe:2.3:h:intel:core_i3-8140u:-:::::::*
	cpe:2.3:h:intel:core_i3-8145u:-:::::::*
	cpe:2.3:h:intel:core_i3-8145ue:-:::::::*
	cpe:2.3:h:intel:core_i3-8300:-:::::::*
	cpe:2.3:h:intel:core_i3-8300t:-:::::::*
	cpe:2.3:h:intel:core_i3-8350k:-:::::::*
	cpe:2.3:h:intel:core_i5-8200y:-:::::::*
	cpe:2.3:h:intel:core_i5-8210y:-:::::::*
	cpe:2.3:h:intel:core_i5-8250u:-:::::::*
	cpe:2.3:h:intel:core_i5-8257u:-:::::::*
	cpe:2.3:h:intel:core_i5-8259u:-:::::::*
	cpe:2.3:h:intel:core_i5-8260u:-:::::::*
	cpe:2.3:h:intel:core_i5-8265u:-:::::::*
	cpe:2.3:h:intel:core_i5-8269u:-:::::::*
	cpe:2.3:h:intel:core_i5-8279u:-:::::::*
	cpe:2.3:h:intel:core_i5-8300h:-:::::::*
	cpe:2.3:h:intel:core_i5-8305g:-:::::::*
	cpe:2.3:h:intel:core_i5-8310y:-:::::::*
	cpe:2.3:h:intel:core_i5-8350u:-:::::::*
	cpe:2.3:h:intel:core_i5-8365u:-:::::::*
	cpe:2.3:h:intel:core_i5-8365ue:-:::::::*
	cpe:2.3:h:intel:core_i5-8400:-:::::::*
	cpe:2.3:h:intel:core_i5-8400b:-:::::::*
	cpe:2.3:h:intel:core_i5-8400h:-:::::::*
	cpe:2.3:h:intel:core_i5-8400t:-:::::::*
	cpe:2.3:h:intel:core_i5-8500:-:::::::*
	cpe:2.3:h:intel:core_i5-8500b:-:::::::*
	cpe:2.3:h:intel:core_i5-8500t:-:::::::*
	cpe:2.3:h:intel:core_i5-8600:-:::::::*
	cpe:2.3:h:intel:core_i5-8600k:-:::::::*
	cpe:2.3:h:intel:core_i5-8600t:-:::::::*
	cpe:2.3:h:intel:core_i7\+8700:-:::::::*
	cpe:2.3:h:intel:core_i7-8086k:-:::::::*
	cpe:2.3:h:intel:core_i7-8500y:-:::::::*
	cpe:2.3:h:intel:core_i7-8550u:-:::::::*
	cpe:2.3:h:intel:core_i7-8557u:-:::::::*
	cpe:2.3:h:intel:core_i7-8559u:-:::::::*
	cpe:2.3:h:intel:core_i7-8565u:-:::::::*
	cpe:2.3:h:intel:core_i7-8569u:-:::::::*
	cpe:2.3:h:intel:core_i7-8650u:-:::::::*
	cpe:2.3:h:intel:core_i7-8665u:-:::::::*
	cpe:2.3:h:intel:core_i7-8665ue:-:::::::*
	cpe:2.3:h:intel:core_i7-8700:-:::::::*
	cpe:2.3:h:intel:core_i7-8700b:-:::::::*
	cpe:2.3:h:intel:core_i7-8700k:-:::::::*
	cpe:2.3:h:intel:core_i7-8700t:-:::::::*
	cpe:2.3:h:intel:core_i7-8705g:-:::::::*
	cpe:2.3:h:intel:core_i7-8706g:-:::::::*
	cpe:2.3:h:intel:core_i7-8709g:-:::::::*
	cpe:2.3:h:intel:core_i7-8750h:-:::::::*
	cpe:2.3:h:intel:core_i7-8809g:-:::::::*
	cpe:2.3:h:intel:core_i7-8850h:-:::::::*
	cpe:2.3:h:intel:core_i9-8950hk:-:::::::*
	cpe:2.3:h:intel:core_m3-8100y:-:::::::*
	cpe:2.3:h:intel:h110:-:::::::*
	cpe:2.3:h:intel:h170:-:::::::*
cpe:2.3:h:intel:h270:-:::::::*
cpe:2.3:h:intel:hm170:-:::::::*
cpe:2.3:h:intel:hm175:-:::::::*
cpe:2.3:h:intel:q150:-:::::::*
cpe:2.3:h:intel:q170:-:::::::*
cpe:2.3:h:intel:q250:-:::::::*
cpe:2.3:h:intel:q270:-:::::::*
cpe:2.3:h:intel:qm170:-:::::::*
cpe:2.3:h:intel:qm175:-:::::::*
cpe:2.3:h:intel:x299:-:::::::*
cpe:2.3:h:intel:z170:-:::::::*
cpe:2.3:h:intel:z270:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:b360:-:::::::*
	cpe:2.3:h:intel:b365:-:::::::*
	cpe:2.3:h:intel:c242:-:::::::*
	cpe:2.3:h:intel:c246:-:::::::*
	cpe:2.3:h:intel:celeron_4205u:-:::::::*
	cpe:2.3:h:intel:celeron_4305u:-:::::::*
	cpe:2.3:h:intel:celeron_4305ue:-:::::::*
	cpe:2.3:h:intel:cm246:-:::::::*
	cpe:2.3:h:intel:core_i3-8100:-:::::::*
	cpe:2.3:h:intel:core_i3-8100b:-:::::::*
	cpe:2.3:h:intel:core_i3-8100h:-:::::::*
	cpe:2.3:h:intel:core_i3-8100t:-:::::::*
	cpe:2.3:h:intel:core_i3-8109u:-:::::::*
	cpe:2.3:h:intel:core_i3-8130u:-:::::::*
	cpe:2.3:h:intel:core_i3-8140u:-:::::::*
	cpe:2.3:h:intel:core_i3-8145u:-:::::::*
	cpe:2.3:h:intel:core_i3-8145ue:-:::::::*
	cpe:2.3:h:intel:core_i3-8300:-:::::::*
	cpe:2.3:h:intel:core_i3-8300t:-:::::::*
	cpe:2.3:h:intel:core_i3-8350k:-:::::::*
	cpe:2.3:h:intel:core_i5-8200y:-:::::::*
	cpe:2.3:h:intel:core_i5-8210y:-:::::::*
	cpe:2.3:h:intel:core_i5-8250u:-:::::::*
	cpe:2.3:h:intel:core_i5-8257u:-:::::::*
	cpe:2.3:h:intel:core_i5-8259u:-:::::::*
	cpe:2.3:h:intel:core_i5-8260u:-:::::::*
	cpe:2.3:h:intel:core_i5-8265u:-:::::::*
	cpe:2.3:h:intel:core_i5-8269u:-:::::::*
	cpe:2.3:h:intel:core_i5-8279u:-:::::::*
	cpe:2.3:h:intel:core_i5-8300h:-:::::::*
	cpe:2.3:h:intel:core_i5-8305g:-:::::::*
	cpe:2.3:h:intel:core_i5-8310y:-:::::::*
	cpe:2.3:h:intel:core_i5-8350u:-:::::::*
	cpe:2.3:h:intel:core_i5-8365u:-:::::::*
	cpe:2.3:h:intel:core_i5-8365ue:-:::::::*
	cpe:2.3:h:intel:core_i5-8400:-:::::::*
	cpe:2.3:h:intel:core_i5-8400b:-:::::::*
	cpe:2.3:h:intel:core_i5-8400h:-:::::::*
	cpe:2.3:h:intel:core_i5-8400t:-:::::::*
	cpe:2.3:h:intel:core_i5-8500:-:::::::*
	cpe:2.3:h:intel:core_i5-8500b:-:::::::*
	cpe:2.3:h:intel:core_i5-8500t:-:::::::*
	cpe:2.3:h:intel:core_i5-8600:-:::::::*
	cpe:2.3:h:intel:core_i5-8600k:-:::::::*
	cpe:2.3:h:intel:core_i5-8600t:-:::::::*
	cpe:2.3:h:intel:core_i7\+8700:-:::::::*
	cpe:2.3:h:intel:core_i7-8086k:-:::::::*
	cpe:2.3:h:intel:core_i7-8500y:-:::::::*
	cpe:2.3:h:intel:core_i7-8550u:-:::::::*
	cpe:2.3:h:intel:core_i7-8557u:-:::::::*
	cpe:2.3:h:intel:core_i7-8559u:-:::::::*
	cpe:2.3:h:intel:core_i7-8565u:-:::::::*
	cpe:2.3:h:intel:core_i7-8569u:-:::::::*
	cpe:2.3:h:intel:core_i7-8650u:-:::::::*
	cpe:2.3:h:intel:core_i7-8665u:-:::::::*
	cpe:2.3:h:intel:core_i7-8665ue:-:::::::*
	cpe:2.3:h:intel:core_i7-8700:-:::::::*
	cpe:2.3:h:intel:core_i7-8700b:-:::::::*
	cpe:2.3:h:intel:core_i7-8700k:-:::::::*
	cpe:2.3:h:intel:core_i7-8700t:-:::::::*
	cpe:2.3:h:intel:core_i7-8705g:-:::::::*
	cpe:2.3:h:intel:core_i7-8706g:-:::::::*
	cpe:2.3:h:intel:core_i7-8709g:-:::::::*
	cpe:2.3:h:intel:core_i7-8750h:-:::::::*
cpe:2.3:h:intel:core_i7-8809g:-:::::::*
cpe:2.3:h:intel:core_i7-8850h:-:::::::*
cpe:2.3:h:intel:core_i9-8950hk:-:::::::*
cpe:2.3:h:intel:core_m3-8100y:-:::::::*
cpe:2.3:h:intel:h310:-:::::::*
cpe:2.3:h:intel:h370:-:::::::*
cpe:2.3:h:intel:hm370:-:::::::*
cpe:2.3:h:intel:pentium_gold_5405u:-:::::::*
cpe:2.3:h:intel:q370:-:::::::*
cpe:2.3:h:intel:qm370:-:::::::*
cpe:2.3:h:intel:z370:-:::::::*
cpe:2.3:h:intel:z390:-:::::::*

Configuration 4 [-]

AND

OR	cpe:2.3:a:intel:converged_security_management_engine_firmware::::::::
	cpe:2.3:a:intel:converged_security_management_engine_firmware::::::::

OR	cpe:2.3:h:intel:b460:-:::::::*
	cpe:2.3:h:intel:h410:-:::::::*
	cpe:2.3:h:intel:h420e:-:::::::*
	cpe:2.3:h:intel:h470:-:::::::*
	cpe:2.3:h:intel:hm470:-:::::::*
	cpe:2.3:h:intel:q470:-:::::::*
	cpe:2.3:h:intel:q470e:-:::::::*
	cpe:2.3:h:intel:qm480:-:::::::*
	cpe:2.3:h:intel:w480:-:::::::*
	cpe:2.3:h:intel:w480e:-:::::::*
	cpe:2.3:h:intel:wm490:-:::::::*
	cpe:2.3:h:intel:z490:-:::::::*

Configuration 5 [-]

AND

cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:b560:-:::::::*
	cpe:2.3:h:intel:h510:-:::::::*
	cpe:2.3:h:intel:h570:-:::::::*
	cpe:2.3:h:intel:hm570:-:::::::*
	cpe:2.3:h:intel:hm570e:-:::::::*
	cpe:2.3:h:intel:q570:-:::::::*
	cpe:2.3:h:intel:qm580:-:::::::*
	cpe:2.3:h:intel:qm580e:-:::::::*
	cpe:2.3:h:intel:rm590e:-:::::::*
	cpe:2.3:h:intel:w580:-:::::::*
	cpe:2.3:h:intel:wm590:-:::::::*
	cpe:2.3:h:intel:z590:-:::::::*

Configuration 6 [-]

AND

cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:b660:-:::::::*
	cpe:2.3:h:intel:h610:-:::::::*
	cpe:2.3:h:intel:h610e:-:::::::*
	cpe:2.3:h:intel:h670:-:::::::*
	cpe:2.3:h:intel:hm670:-:::::::*
	cpe:2.3:h:intel:q670:-:::::::*
	cpe:2.3:h:intel:q670e:-:::::::*
	cpe:2.3:h:intel:r680e:-:::::::*
	cpe:2.3:h:intel:w680:-:::::::*
	cpe:2.3:h:intel:wm690:-:::::::*
	cpe:2.3:h:intel:z690:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Intel Subscribe	B150 Subscribe B250 Subscribe B360 Subscribe B365 Subscribe B460 Subscribe B560 Subscribe B660 Subscribe C232 Subscribe C236 Subscribe C242 Subscribe C246 Subscribe C420 Subscribe C422 Subscribe Celeron 4205u Subscribe Celeron 4305u Subscribe Celeron 4305ue Subscribe Cm236 Subscribe Cm238 Subscribe Cm246 Subscribe Converged Security Management Engine Firmware Subscribe Core I3-8100 Subscribe Core I3-8100b Subscribe Core I3-8100h Subscribe Core I3-8100t Subscribe Core I3-8109u Subscribe Core I3-8130u Subscribe Core I3-8140u Subscribe Core I3-8145u Subscribe Core I3-8145ue Subscribe Core I3-8300 Subscribe Core I3-8300t Subscribe Core I3-8350k Subscribe Core I5-8200y Subscribe Core I5-8210y Subscribe Core I5-8250u Subscribe Core I5-8257u Subscribe Core I5-8259u Subscribe Core I5-8260u Subscribe Core I5-8265u Subscribe Core I5-8269u Subscribe Core I5-8279u Subscribe Core I5-8300h Subscribe Core I5-8305g Subscribe Core I5-8310y Subscribe Core I5-8350u Subscribe Core I5-8365u Subscribe Core I5-8365ue Subscribe Core I5-8400 Subscribe Core I5-8400b Subscribe Core I5-8400h Subscribe Core I5-8400t Subscribe Core I5-8500 Subscribe Core I5-8500b Subscribe Core I5-8500t Subscribe Core I5-8600 Subscribe Core I5-8600k Subscribe Core I5-8600t Subscribe Core I7-8086k Subscribe Core I7-8500y Subscribe Core I7-8550u Subscribe Core I7-8557u Subscribe Core I7-8559u Subscribe Core I7-8565u Subscribe Core I7-8569u Subscribe Core I7-8650u Subscribe Core I7-8665u Subscribe Core I7-8665ue Subscribe Core I7-8700 Subscribe Core I7-8700b Subscribe Core I7-8700k Subscribe Core I7-8700t Subscribe Core I7-8705g Subscribe Core I7-8706g Subscribe Core I7-8709g Subscribe Core I7-8750h Subscribe Core I7-8809g Subscribe Core I7-8850h Subscribe Core I7\+8700 Subscribe Core I9-8950hk Subscribe Core M3-8100y Subscribe H110 Subscribe H170 Subscribe H270 Subscribe H310 Subscribe H370 Subscribe H410 Subscribe H420e Subscribe H470 Subscribe H510 Subscribe H570 Subscribe H610 Subscribe H610e Subscribe H670 Subscribe Hm170 Subscribe Hm175 Subscribe Hm370 Subscribe Hm470 Subscribe Hm570 Subscribe Hm570e Subscribe Hm670 Subscribe Pentium Gold 5405u Subscribe Q150 Subscribe Q170 Subscribe Q250 Subscribe Q270 Subscribe Q370 Subscribe Q470 Subscribe Q470e Subscribe Q570 Subscribe Q670 Subscribe Q670e Subscribe Qm170 Subscribe Qm175 Subscribe Qm370 Subscribe Qm480 Subscribe Qm580 Subscribe Qm580e Subscribe R680e Subscribe Rm590e Subscribe W480 Subscribe W480e Subscribe W580 Subscribe W680 Subscribe Wm490 Subscribe Wm590 Subscribe Wm690 Subscribe X299 Subscribe Z170 Subscribe Z270 Subscribe Z370 Subscribe Z390 Subscribe Z490 Subscribe Z590 Subscribe Z690 Subscribe
Intel And Intel Standard Manageability In Intel Csme Subscribe	Intel And Intel Standard Manageability In Intel Csme Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2022-39105	Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
https://security.netapp.com/advisory/ntap-20230824-0002/

History

Thu, 17 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Intel And Intel Standard Manageability In Intel Csme Intel And Intel Standard Manageability In Intel Csme intel And Intel Standard Manageability In Intel Csme
Weaknesses		CWE-116
CPEs		cpe:2.3:a:intel_and_intel_standard_manageability_in_intel_csme:intel_and_intel_standard_manageability_in_intel_csme::::::::
Vendors & Products		Intel And Intel Standard Manageability In Intel Csme Intel And Intel Standard Manageability In Intel Csme intel And Intel Standard Manageability In Intel Csme
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2023-08-11T02:36:55.653Z

Updated: 2025-02-13T16:32:48.992Z

Reserved: 2022-07-24T03:00:08.597Z

Link: CVE-2022-36392

Vulnrichment

Updated: 2024-08-03T10:00:04.315Z

NVD

Status : Modified

Published: 2023-08-11T03:15:13.250

Modified: 2024-11-21T07:12:55.977

Link: CVE-2022-36392

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object