Vulnerability-Lookup

FKIE_CVE-2023-42772

Vulnerability from fkie_nvd - Published: 2024-09-16 17:15 - Updated: 2026-06-17 06:24

Severity

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.

References

	URL	Tags
	secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html
	af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20241011-0009/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "UEFI firmware for some Intel(R) reference processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "source": "secure@intel.com"
    },
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1603_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1607_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1620_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1630_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1650_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1660_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1680_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2603_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2609_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2620_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2623_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2630_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2637_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2640_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2643_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2650_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2658_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2660_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2667_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2670_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2679_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2680_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2683_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2689_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2690_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2695_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2697_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2698_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2699_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4610_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4620_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4627_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4640_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4648_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4650_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4660_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4667_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4669_v3_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1513n_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1518_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1520_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1521_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1523n_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1527_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1528_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1529_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1531_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1533n_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1537_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1539_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1540_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1541_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1548_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1553n_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1557_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1559_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1567_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1571_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_processor_d-1577_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
            "cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "product": "xeon_d-2799_firmware",
          "vendor": "intel",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access."
    },
    {
      "lang": "es",
      "value": "La desreferencia de puntero no confiable en el firmware UEFI para algunos procesadores de referencia Intel(R) puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2023-42772",
  "lastModified": "2026-06-17T06:24:28.477",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "secure@intel.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "secure@intel.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2023-42772",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-09-16T20:21:50.697442Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-09-16T17:15:59.993",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20241011-0009/"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-822"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    }
  ]
}

CVE-2023-42772 (GCVE-0-2023-42772)

Vulnerability from cvelistv5 – Published: 2024-09-16 16:38 – Updated: 2025-11-03 21:49

Summary

Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

escalation of privilege
CWE-822 - Untrusted pointer dereference

Assigner

intel

References

2 references

URL	Tags
https://www.intel.com/content/www/us/en/security-…
https://security.netapp.com/advisory/ntap-2024101…

Impacted products

2 products

Vendor	Product	Version
n/a	UEFI firmware for some Intel(R) reference processors	Affected: See references
intel	xeon_d-2799_firmware	Affected: 0 , < * (custom) cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:::::::* cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:::::::* cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1603_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1607_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1620_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1630_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1650_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1660_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1680_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2603_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2609_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2620_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2623_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2630_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2637_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2640_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2643_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2650_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2658_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2660_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2667_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2670_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2679_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2680_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2683_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2689_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2690_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2695_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2697_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2698_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2699_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4610_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4620_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4627_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4640_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4648_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4650_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4660_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4667_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4669_v3_firmware:-:::::::* cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1513n_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1518_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1520_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1521_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1523n_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1527_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1528_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1529_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1531_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1533n_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1537_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1539_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1540_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1541_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1548_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1553n_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1557_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1559_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1567_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1571_firmware:-:::::::* cpe:2.3:o:intel:xeon_processor_d-1577_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1581_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1587_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1602_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1612_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1622_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1627_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1632_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1637_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1702_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1714_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1726_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1736_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-1739_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-2191_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-2738_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-2779_firmware:-:::::::* cpe:2.3:o:intel:xeon_d-2799_firmware:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1603_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1607_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1620_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1630_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1650_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1660_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1680_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2603_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2609_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2620_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2623_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2630_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2637_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2640_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2643_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2650_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2658_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2660_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2667_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2670_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2679_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2680_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2683_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2689_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2690_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2695_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2697_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2698_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2699_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4610_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4620_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4627_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4640_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4648_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4650_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4660_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4667_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4669_v3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1513n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1518_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1520_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1521_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1523n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1527_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1528_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1529_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1531_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1533n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1537_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1539_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1540_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1541_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1548_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1553n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1557_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1559_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1567_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1571_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_processor_d-1577_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xeon_d-2799_firmware",
            "vendor": "intel",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-42772",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-16T20:21:50.697442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-17T20:56:46.886Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:49:35.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241011-0009/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "UEFI firmware for some Intel(R) reference processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-822",
              "description": "Untrusted pointer dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-16T16:38:42.667Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-42772",
    "datePublished": "2024-09-16T16:38:42.667Z",
    "dateReserved": "2023-10-25T03:00:09.570Z",
    "dateUpdated": "2025-11-03T21:49:35.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2023-42772

CVE-2023-42772 (GCVE-0-2023-42772)

Tags

Sightings

Nomenclature