Core I9 7940X Firmware
CVE-2022-21136
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.
AnalysisAI
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. Affected products include: Intel Core I9-7940X Firmware, Intel Core I9-7960X Firmware, Intel Core I9-7980Xe Firmware, Intel Core I9-7920X Firmware, Intel Core I9-7900X Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Core I9 7940X Firmware
View allInsufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R)
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially e
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable infor
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow a
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today