CVE-2023-22327

Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
intelCNA
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
intelagilex_7_fpga_f-series_006_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_008_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_012_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_014_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_019_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_022_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_023_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_f-series_027_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_019_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_022_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_023_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_027_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_035_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_040_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_i-series_041_firmware
𝑥
< 2.8.1
intelagilex_7_fpga_m-series_039_firmware
𝑥
< 2.8.1
intelstratix_10_dx_1100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_dx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_dx_2800_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_10m_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_1100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_1650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_1660_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_2110_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_2500_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_2800_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_400_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_gx_850_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_mx_1650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_mx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_nx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_1100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_1650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_2500_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_2800_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_400_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_sx_850_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_1100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_1650_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_2100_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_2500_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_2800_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_400_fpga_firmware
𝑥
< 2.8.1
intelstratix_10_tx_850_fpga_firmware
𝑥
< 2.8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00957.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00957.html