CVE-2022-36392

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

Published: Aug 11, 2023
Updated: Aug 22, 2023
CVE: CVE-2022-36392
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
intel / converged_security_management_engine_firmware	-	11.12.94
intel / converged_security_management_engine_firmware	-	11.8.94
intel / converged_security_management_engine_firmware	-	12.0.93
intel / converged_security_management_engine_firmware	-	14.1.70
intel / converged_security_management_engine_firmware	14.5.0	14.5.50
intel / converged_security_management_engine_firmware	-	15.0.45
intel / converged_security_management_engine_firmware	-	16.1.27

Vulnerability Database

289,599

CVE-2022-36392