What is CVE-2022-35729?

CVE-2022-35729 is a high-severity vulnerability in Intel C621a, classified under Out-of-bounds Read. CVSS score: 7.5/10. Published 2023-02-16.

How severe is CVE-2022-35729?

High severity. CVSS v3 base score is 7.5 out of 10.

Out-of-bounds Read in Intel C621a

CVE-2022-35729

Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.

Vulnerability class: Buffer Overflow

EPSS: 0.007 (48.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Intel C621a
Intel C624a
Intel C627a
Intel C629a
Intel Xeon_gold_5315y
Intel Xeon_gold_5317
Intel Xeon_gold_5318h
Intel Xeon_gold_5318n
Intel Xeon_gold_5318s
Intel Xeon_gold_5318y

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

secure@intel.com (Vendor Advisory)

Frequently asked questions

What is CVE-2022-35729?: CVE-2022-35729 is a high-severity vulnerability in Intel C621a, classified under Out-of-bounds Read. CVSS score: 7.5/10. Published 2023-02-16.
How severe is CVE-2022-35729?: High severity. CVSS v3 base score is 7.5 out of 10.