CVE-2022-33196

HIGH7.2

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access

Published Feb 16, 2023

Modified 1 years ago

Details

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.

References

WEB

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-33196

CVSS Analysis

CVSS v3.1

7.2

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Scope

ChangedS:C

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

NoneA:N

7.2/CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Ecosystems

Timeline

PublishedFeb 16, 2023

ModifiedJan 27, 2025