CVE-2024-22382

Improper input validation in PprRequestLog module in UEFI firmware for some Intel(R) Server D50DNP Family products may allow a privileged user to enable escalation of privilege via local access.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html

Configurations

No configuration.

History

21 Nov 2024, 08:56

Type	Values Removed	Values Added
Summary		(es) La validación de entrada incorrecta en el módulo PprRequestLog en el firmware UEFI para algunos productos de la familia Intel(R) Server D50DNP puede permitir que un usuario privilegiado habilite la escalada de privilegios a través del acceso local.
References	~~() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html -~~	() https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html -

16 May 2024, 21:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-16 21:16

Updated : 2024-11-21 08:56

NVD link : CVE-2024-22382

Mitre link : CVE-2024-22382

CVE.ORG link : CVE-2024-22382

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

7.5 /10