CVE & CISA-KEV Catalog

CVE-2023-22327

MEDIUM
6.0
CVSS v3
NVD

Description

Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access.

How to fix

Remediation Available
agilex 7 fpga f-series 006 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 008 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 012 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 014 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 019 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 022 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 023 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga f-series 027 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 019 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 022 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 023 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 027 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 035 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 040 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga i-series 041 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
agilex 7 fpga m-series 039 firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 dx 1100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 dx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 dx 2800 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 10m fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 1100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 1650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 1660 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 2110 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 2500 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 2800 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 400 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 gx 850 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 mx 1650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 mx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 nx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 1100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 1650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 2500 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 2800 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 400 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 sx 850 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 1100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 1650 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 2100 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 2500 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 2800 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 400 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD
stratix 10 tx 850 fpga firmwareNVD
Affected:< 2.8.1Fixed in:2.8.1CVE-2023-22327derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityNone

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Exploit Intelligence

0.23%probability of exploitation in 30 days
13thpercentile

Low risk: more likely to be exploited than 13% of all known CVEs.

References

Patch1

Related Vulnerabilities

Other CWE-787 (Out-of-bounds Write) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2025-22457Critical9.0100%KEV + RansomFix
CVE-2025-0282Critical9.0100%KEV + Ransom-
CVE-2015-3113Critical9.8100%KEVFix
CVE-2021-20038Critical9.8100%KEV + Ransom-
CVE-2023-4863High8.8100%KEVFix
CVE-2020-16040Medium6.5100%-Fix
Embed a live status badge for CVE-2023-22327
CVE-2023-22327 severity badge

Markdown

[![CVE-2023-22327](https://tridentstack.com/cve/badge/CVE-2023-22327.svg)](https://tridentstack.com/cve/CVE-2023-22327)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-22327"><img src="https://tridentstack.com/cve/badge/CVE-2023-22327.svg" alt="CVE-2023-22327"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.