Vulnerabilities > CVE-2022-36794 - Improper Check for Unusual or Exceptional Conditions vulnerability in Intel Server Platform Services

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

intel

CWE-754

NVD

Published: 2023-02-16

Updated: 2023-03-06

Summary

Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.

Vulnerable Configurations

Part	Description	Count
Application	Intel Intel Server Platform Services E3_05.01.04.200 Intel Server Platform Services E5_04.01.04.400 Intel Server Platform Services Sps_E3_04.01.04.054.0 Intel Server Platform Services Sps_E3_04.01.04.109.0 Intel Server Platform Services Sps_E3_04.01.04.200 Intel Server Platform Services Sps_E3_04.08.04.070.0 Intel Server Platform Services Sps_E3_05.01.04.300.0	7

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00718.html