Buffer overflow in Intel Ethernet_controller_x710-am2
CVE-2022-36382
Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user…
Vulnerability class: Buffer Overflow
EPSS: 0.002 (8.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H.
Affected products
- Intel Ethernet_controller_x710-am2
- Intel Ethernet_controller_x710-am2_firmware
- Intel Ethernet_controller_x710-bm2
- Intel Ethernet_controller_x710-bm2_firmware
- Intel Ethernet_controller_xl710-am1
- Intel Ethernet_controller_xl710-am1_firmware
- Intel Ethernet_controller_xl710-am2
- Intel Ethernet_controller_xl710-am2_firmware
- Intel Ethernet_controller_xl710-bm1
- Intel Ethernet_controller_xl710-bm1_firmware
Weakness classification (CWE)
References
- secure@intel.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-36382?
- CVE-2022-36382 is a medium-severity vulnerability in Intel Ethernet_controller_x710-am2, classified under Out-of-bounds Write. CVSS score: 6.0/10. Published 2023-02-16.
- How severe is CVE-2022-36382?
- Medium severity. CVSS v3 base score is 6.0 out of 10.