What is CVE-2022-36392?

CVE-2022-36392 is a high-severity vulnerability in Intel B150, classified under Improper Input Validation. CVSS score: 8.6/10. Published 2023-08-11.

How severe is CVE-2022-36392?

High severity. CVSS v3 base score is 8.6 out of 10.

Improper input validation in Intel B150

CVE-2022-36392

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to pote…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.005 (41.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Intel B150
Intel B250
Intel B360
Intel B365
Intel B460
Intel B560
Intel B660
Intel C232
Intel C236
Intel C242

Weakness classification (CWE)

CWE-20 — Improper Input Validation
CWE-116 — Improper Encoding or Escaping of Output

References

secure@intel.com (Vendor Advisory)
secure@intel.com

Frequently asked questions

What is CVE-2022-36392?: CVE-2022-36392 is a high-severity vulnerability in Intel B150, classified under Improper Input Validation. CVSS score: 8.6/10. Published 2023-08-11.
How severe is CVE-2022-36392?: High severity. CVSS v3 base score is 8.6 out of 10.