Back to search
CVE-2022-22445
Published: Jul 18, 2022
Modified: Sep 17, 2024
PUBLISHED
CVSS v3.0
7.6
HIGH
Description
An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.
| Vendor | Product | Versions |
|---|---|---|
IBM | PowerVM Hypervisor | affected FW1010affected FW950 |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/PR:H/S:C/AV:N/A:L/UI:N/AC:L/I:H/C:N/E:U/RL:O/RC:C
Privileges Required
High
Scope
Changed
Attack Vector
Network
Availability
Low
User Interaction
None
Attack Complexity
Low
Integrity
High
Confidentiality
None
References
https://www.ibm.com/support/pages/node/6604071
x_refsource_CONFIRM
ibm-power9-cve202222445-sec-bypass (224546)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now