CVE-2022-29871
https://notcve.org/view.php?id=CVE-2022-29871
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en el instalador del software Intel(R) CSME anterior a la versión 2239.3.7.0 puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html https://security.netapp.com/advisory/ntap-20230824-0002 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVE-2022-38087
https://notcve.org/view.php?id=CVE-2022-38087
Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://security.netapp.com/advisory/ntap-20231124-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00807.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-38090
https://notcve.org/view.php?id=CVE-2022-38090
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html •
CVE-2022-33196 – kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations
https://notcve.org/view.php?id=CVE-2022-33196
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html https://access.redhat.com/security/cve/CVE-2022-33196 https://bugzilla.redhat.com/show_bug.cgi?id=2171252 • CWE-276: Incorrect Default Permissions •
CVE-2022-29493
https://notcve.org/view.php?id=CVE-2022-29493
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html • CWE-755: Improper Handling of Exceptional Conditions •