CVE-2022-38102
Description
Improper input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45 and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A privileged user can trigger denial of service in Intel CSME firmware versions before 15.0.45 and 16.1.27 via improper input validation with local access.
Vulnerability
Improper input validation in firmware for some Intel(R) Converged Security and Management Engine (CSME) before versions 15.0.45 and 16.1.27 may allow a privileged user to potentially enable denial of service via local access [1]. The vulnerability resides in input validation routines that fail to properly sanitize data, leading to an exploitable condition under local access with high privileges.
Exploitation
An attacker must have local access to the affected system and possess elevated privileges, such as administrator or system-level rights. No user interaction beyond authentication is required, and no network attack vector is involved. The attacker can trigger the flaw by sending specially crafted input to the vulnerable firmware interface, causing the system to enter an unstable state.
Impact
Successful exploitation leads to a denial of service (DoS) condition, disrupting the normal operation of the Intel CSME and potentially the host system. The attack does not result in information disclosure, privilege escalation, or code execution; it solely impacts availability. The scope is limited to the affected Intel CSME firmware versions.
Mitigation
Intel has released updated firmware versions 15.0.45 and 16.1.27 to address this vulnerability [1]. Users and system administrators should update their Intel CSME firmware to the latest versions provided by their hardware vendor. There is no known public exploit, and the CVE is not included in CISA's KEV, as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
- Range: <15.0.45, <16.1.27
Patches: 0
No patches discovered yet.
References: 2
News mentions: 0
No linked articles in our index yet.