#VU79560 Insufficient control flow management in Intel products - CVE-2022-43505
Published: August 15, 2023
Vulnerability identifier: #VU79560
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-43505
CWE-ID: CWE-691
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
9th Generation Intel Core Processors
8th Generation Intel Core Processors
Intel Celeron Processor G Series
Intel Pentium Gold Processor Series
Intel Core X-series Processor
Intel Xeon W Processors
7th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Celeron Processor N Series
Intel Celeron Processor J Series
Intel Pentium Processor Silver Series
Intel Xeon Processor E5 v3 Family
Intel Xeon Processor E5 v4 Family
Intel Xeon D Processors
2nd Generation Intel Xeon Scalable Processors
Intel Xeon Processor E7 v3 Family
Intel Xeon Processor E7 v4 Family
Intel Core Processors with Intel Hybrid Technology
Intel Xeon Processor E3 v6 Family
Intel Xeon D-1633N Processor
Intel Atom Processor C3XXX
3rd Generation Intel Xeon Scalable Processors
Intel Atom Processor A Series
Intel Xeon Scalable Processors
Intel Atom Processor E3900 Series
Intel Pentium Processor N Series
Intel Pentium Processor J Series
9th Generation Intel Core Processors
8th Generation Intel Core Processors
Intel Celeron Processor G Series
Intel Pentium Gold Processor Series
Intel Core X-series Processor
Intel Xeon W Processors
7th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Celeron Processor N Series
Intel Celeron Processor J Series
Intel Pentium Processor Silver Series
Intel Xeon Processor E5 v3 Family
Intel Xeon Processor E5 v4 Family
Intel Xeon D Processors
2nd Generation Intel Xeon Scalable Processors
Intel Xeon Processor E7 v3 Family
Intel Xeon Processor E7 v4 Family
Intel Core Processors with Intel Hybrid Technology
Intel Xeon Processor E3 v6 Family
Intel Xeon D-1633N Processor
Intel Atom Processor C3XXX
3rd Generation Intel Xeon Scalable Processors
Intel Atom Processor A Series
Intel Xeon Scalable Processors
Intel Atom Processor E3900 Series
Intel Pentium Processor N Series
Intel Pentium Processor J Series
Software vendor:
Intel
Intel
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient control flow management in the BIOS firmware. A local user can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.