CVE-2022-36348
Description
Active debug code in some Intel(R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Active debug code in Intel SPS firmware before SPS_E5_04.04.04.300.0 allows authenticated local users to escalate privileges.
Vulnerability
Active debug code present in Intel Server Platform Services (SPS) firmware versions prior to SPS_E5_04.04.04.300.0 may be leveraged by an authenticated user to escalate privileges. The debug code was inadvertently left active in production firmware builds, exposing functionality intended only for development or testing. This affects Intel SPS firmware for certain server platforms.
Exploitation
An attacker must have local access to the system and valid authentication credentials. With these prerequisites, the attacker can interact with the exposed debug interfaces to execute privileged operations. The exact steps are not publicly detailed, but the presence of active debug code implies that debug commands or backdoor-like functionality can be invoked.
Impact
Successful exploitation allows an authenticated local attacker to escalate their privileges, potentially gaining full control over the SPS firmware and the underlying platform. This could lead to compromise of system integrity, confidentiality, and availability, as SPS manages critical platform functions.
Mitigation
Intel has released firmware version SPS_E5_04.04.04.300.0 to address this issue. Users should update their Intel SPS firmware to this version or later. The advisory is documented in INTEL-SA-00718 [1]. No workarounds are provided; updating is the recommended mitigation.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.