Sign-up

ID

VAR-202208-0712


CVE

CVE-2022-28697


TITLE

Intel's  Intel Standard Manageability  and  Intel Active Management Technology  Firmware vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-015166

DESCRIPTION

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel's Intel Standard Manageability and Intel Active Management Technology There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-28697 // JVNDB: JVNDB-2022-015166 // VULHUB: VHN-424626

AFFECTED PRODUCTS

vendor:intelmodel:active management technologyscope:eqversion:*

Trust: 1.0

vendor:intelmodel:standard manageabilityscope:eqversion:*

Trust: 1.0

vendor:インテルmodel:intel active management technologyscope: - version: -

Trust: 0.8

vendor:インテルmodel:intel standard manageabilityscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-015166 // NVD: CVE-2022-28697

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-28697
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-28697
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202208-2654
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-28697
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-28697
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-015166 // CNNVD: CNNVD-202208-2654 // NVD: CVE-2022-28697

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-015166 // NVD: CVE-2022-28697

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2654

PATCH

title:Intel Active Management Technology Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=205043

Trust: 0.6

sources: CNNVD: CNNVD-202208-2654

EXTERNAL IDS

db:NVDid:CVE-2022-28697

Trust: 3.3

db:JVNid:JVNVU99494206

Trust: 0.8

db:JVNDBid:JVNDB-2022-015166

Trust: 0.8

db:CNNVDid:CNNVD-202208-2654

Trust: 0.7

db:AUSCERTid:ESB-2022.3939

Trust: 0.6

db:VULHUBid:VHN-424626

Trust: 0.1

sources: VULHUB: VHN-424626 // JVNDB: JVNDB-2022-015166 // CNNVD: CNNVD-202208-2654 // NVD: CVE-2022-28697

REFERENCES

url:https://security.netapp.com/advisory/ntap-20221014-0004/

Trust: 2.5

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00709.html

Trust: 2.5

url:https://jvn.jp/vu/jvnvu99494206/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-28697

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-28697/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3939

Trust: 0.6

sources: VULHUB: VHN-424626 // JVNDB: JVNDB-2022-015166 // CNNVD: CNNVD-202208-2654 // NVD: CVE-2022-28697

SOURCES

db:VULHUBid:VHN-424626
db:JVNDBid:JVNDB-2022-015166
db:CNNVDid:CNNVD-202208-2654
db:NVDid:CVE-2022-28697

LAST UPDATE DATE

2024-08-14T12:46:01.306000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424626date:2022-11-07T00:00:00
db:JVNDBid:JVNDB-2022-015166date:2023-09-25T08:45:00
db:CNNVDid:CNNVD-202208-2654date:2022-10-17T00:00:00
db:NVDid:CVE-2022-28697date:2023-05-22T15:29:13.273

SOURCES RELEASE DATE

db:VULHUBid:VHN-424626date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-015166date:2023-09-25T00:00:00
db:CNNVDid:CNNVD-202208-2654date:2022-08-10T00:00:00
db:NVDid:CVE-2022-28697date:2022-08-18T21:15:08.467