Skip to main content

Core I5 7640X Firmware CVE-2022-26006

MEDIUM
Improper Input Validation (CWE-20)
2022-11-11 secure@intel.com
Intel Privilege Escalation Core I5 7640X Firmware Core I7 3820 Firmware Core I7 3920Xm Firmware Core I7 3930K Firmware Core I7 3940Xm Firmware Core I7 3960X Firmware Core I7 3970X Firmware Core I7 4820K Firmware Core I7 4930K Firmware Core I7 4930Mx Firmware Core I7 4940Mx Firmware Core I7 4960X Firmware Core I7 5820K Firmware Core I7 5930K Firmware Core I7 5960X Firmware Core I7 6800K Firmware Core I7 6850K Firmware Core I7 6900K Firmware Core I7 6950X Firmware Core I7 7740X Firmware Core I7 7800X Firmware Core I7 7820X Firmware Core I7 9800X Firmware Core I9 10900X Firmware Core I9 10920X Firmware Core I9 10940X Firmware Core I9 10980Xe Firmware Core I9 7900X Firmware Core I9 7920X Firmware Core I9 7940X Firmware Core I9 7960X Firmware Core I9 7980Xe Firmware Core I9 9820X Firmware Core I9 9900X Firmware Core I9 9920X Firmware Core I9 9940X Firmware Core I9 9960X Firmware Core I9 9980Xe Firmware Xeon E5 1428L V3 Firmware Xeon E5 1620 V3 Firmware Xeon E5 1620 V4 Firmware Xeon E5 1630 V3 Firmware Xeon E5 1630 V4 Firmware Xeon E5 1650 V3 Firmware Xeon E5 1650 V4 Firmware Xeon E5 1660 V3 Firmware Xeon E5 1660 V4 Firmware Xeon E5 1680 V3 Firmware Xeon E5 1680 V4 Firmware Xeon E5 2408L V3 Firmware Xeon E5 2418L V3 Firmware Xeon E5 2428L V3 Firmware Xeon E5 2438L V3 Firmware Xeon E5 2603 V3 Firmware Xeon E5 2603 V4 Firmware Xeon E5 2608L V3 Firmware Xeon E5 2608L V4 Firmware Xeon E5 2609 V3 Firmware Xeon E5 2609 V4 Firmware Xeon E5 2618L V3 Firmware Xeon E5 2618L V4 Firmware Xeon E5 2620 V3 Firmware Xeon E5 2620 V4 Firmware Xeon E5 2623 V3 Firmware Xeon E5 2623 V4 Firmware Xeon E5 2628L V3 Firmware Xeon E5 2628L V4 Firmware Xeon E5 2630 V3 Firmware Xeon E5 2630 V4 Firmware Xeon E5 2630L V3 Firmware Xeon E5 2630L V4 Firmware Xeon E5 2637 V3 Firmware Xeon E5 2637 V4 Firmware Xeon E5 2640 V3 Firmware Xeon E5 2640 V4 Firmware Xeon E5 2643 V3 Firmware Xeon E5 2643 V4 Firmware Xeon E5 2648L V3 Firmware Xeon E5 2648L V4 Firmware Xeon E5 2650 V3 Firmware Xeon E5 2650 V4 Firmware Xeon E5 2650L V3 Firmware Xeon E5 2650L V4 Firmware Xeon E5 2658 V3 Firmware Xeon E5 2658 V4 Firmware Xeon E5 2658A V3 Firmware Xeon E5 2660 V3 Firmware Xeon E5 2660 V4 Firmware Xeon E5 2667 V3 Firmware Xeon E5 2667 V4 Firmware Xeon E5 2670 V3 Firmware Xeon E5 2680 V3 Firmware Xeon E5 2680 V4 Firmware Xeon E5 2683 V3 Firmware Xeon E5 2683 V4 Firmware Xeon E5 2687W V3 Firmware Xeon E5 2687W V4 Firmware Xeon E5 2690 V3 Firmware Xeon E5 2690 V4 Firmware Xeon E5 2695 V3 Firmware Xeon E5 2695 V4 Firmware Xeon E5 2697 V3 Firmware Xeon E5 2697 V4 Firmware Xeon E5 2697A V4 Firmware Xeon E5 2698 V3 Firmware Xeon E5 2698 V4 Firmware Xeon E5 2699 V3 Firmware Xeon E5 2699 V4 Firmware Xeon E5 2699A V4 Firmware Xeon E5 2699R V4 Firmware Xeon E5 4610 V3 Firmware Xeon E5 4610 V4 Firmware Xeon E5 4620 V3 Firmware Xeon E5 4620 V4 Firmware Xeon E5 4627 V3 Firmware Xeon E5 4627 V4 Firmware Xeon E5 4628L V4 Firmware Xeon E5 4640 V3 Firmware Xeon E5 4640 V4 Firmware Xeon E5 4648 V3 Firmware Xeon E5 4650 V3 Firmware Xeon E5 4650 V4 Firmware Xeon E5 4655 V3 Firmware Xeon E5 4655 V4 Firmware Xeon E5 4660 V3 Firmware Xeon E5 4660 V4 Firmware Xeon E5 4667 V3 Firmware Xeon E5 4667 V4 Firmware Xeon E5 4669 V3 Firmware Xeon E5 4669 V4 Firmware
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 11, 2022 - 16:15 nvd
MEDIUM 6.7

DescriptionNVD

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

AnalysisAI

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Core I5-7640X Firmware, Intel Core I7-3820 Firmware, Intel Core I7-3920Xm Firmware, Intel Core I7-3930K Firmware, Intel Core I7-3940Xm Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2022-26006 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy