CVE-2022-34657 MEDIUM

CVE-2022-34657

Vendor N/A

Product Intel(R) PCSD BIOS

Weakness CWE-20 · Input validation

Published August 11, 2023

Last update October 2, 2024

View on NVD All CVEs

CVSS base score

6.0/10

Attack vector Local

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access.

Key dates

02Disclosure timeline

August 11, 2023 CVE published

October 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-34657

Related vulnerabilities

04Related CVE

CVE-2023-41268 Possible stack overflow due to insufficient input validation CVE-2024-47823 Livewire Remote Code Execution (RCE) on File Uploads CVE-2023-32170 Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability CVE-2021-36283 CVE-2026-40466 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI