Main Vulnerability Database Vulnerabilities #VU72456

#VU72456 Incorrect default permissions in 3rd Generation Intel Xeon Scalable Processors and Intel Xeon D Processors - CVE-2022-33196

Published: February 21, 2023

Vulnerability identifier: #VU72456

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-33196

CWE-ID: CWE-276

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
3rd Generation Intel Xeon Scalable Processors
Intel Xeon D Processors

Software vendor:
Intel

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions for memory controller configurations for some Intel Xeon processors when using Intel Software Guard Extensions. A local user escalate privileges on the system.

Remediation

Install updates from vendor's website.

External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html

#VU72456 Incorrect default permissions in 3rd Generation Intel Xeon Scalable Processors and Intel Xeon D Processors - CVE-2022-33196

Description

Remediation

External links

Please verify you're human