Information disclosure in Intel PCSD BIOS - CVE-2022-34657
Published: August 10, 2023
Vulnerability identifier: #VU79370
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-34657
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Intel PCSD BIOS
Intel PCSD BIOS
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to excessive data output. A local user can gain unauthorized access to sensitive information on the system.
Remediation
Install updates from vendor's website.
The following produces are affected:
- Intel® Server Board:
- S2600WFT, S2600WFTF, S2600WFTR, S2600WFQ, S2600WFQR, S2600WF0, S2600WF0R.
- Intel® Server System:
- R1208WFQYSR, R1208WFTYS, R1208WFTYSR.
- R1304WF0YS, R1304WF0YSR, R1304WFTYS, R1304WFTYSR.
- R2208WF0ZS, R2208WF0ZSR, R2208WFQZS, R2208WFQZSR, R2208WFTZS, R2208WFTZSR.
- R2224WFQZS, R2224WFTZS, R2224WFTZSR.
- R2308WFTZS, R2308WFTZSR.
- R2312WF0NP, R2312WF0NPR, R2312WFQZS, R2312WFTZS, R2312WFTZSR.