Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-28693 |
CWE-ID | CWE-1037 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Intel Xeon E Processors Hardware solutions / Firmware Intel Xeon W Processors Hardware solutions / Firmware Intel Core X-series Processors Hardware solutions / Firmware 2nd Generation Intel Xeon Scalable Processors Hardware solutions / Firmware 3rd Generation Intel Xeon Scalable Processors Hardware solutions / Firmware 10th Generation Intel Core Processors Hardware solutions / Firmware Intel Core Processors with Intel Hybrid Technology Hardware solutions / Firmware 11th Generation Intel Core Processors Hardware solutions / Firmware 8th Generation Intel Core Processors Hardware solutions / Firmware Intel Pentium Gold Processor Series Hardware solutions / Firmware Intel Celeron Processor 5000 Series Hardware solutions / Firmware 12th Generation Intel Core Processors Hardware solutions / Firmware Intel Celeron Processors Hardware solutions / Firmware 9th Generation Intel Core Processors Client/Desktop applications / Web browsers |
Vendor | Intel |
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU65221
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-28693
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to unprotected alternative channel of return branch target prediction. A local user can gain access to sensitive information.
Install updates from vendor's website.
Vulnerable software versionsIntel Xeon E Processors: All versions
Intel Xeon W Processors: All versions
Intel Core X-series Processors: All versions
2nd Generation Intel Xeon Scalable Processors: All versions
3rd Generation Intel Xeon Scalable Processors: All versions
10th Generation Intel Core Processors: All versions
Intel Core Processors with Intel Hybrid Technology: All versions
11th Generation Intel Core Processors: All versions
8th Generation Intel Core Processors: All versions
Intel Pentium Gold Processor Series: All versions
Intel Celeron Processor 5000 Series: All versions
12th Generation Intel Core Processors: All versions
Intel Celeron Processors: All versions
9th Generation Intel Core Processors: All versions
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00707.html
http://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?