Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-5700

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Oct, 2017 | 00:00
Updated At-16 Sep, 2024 | 23:56
Rejected At-
Credits

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Oct, 2017 | 00:00
Updated At:16 Sep, 2024 | 23:56
Rejected At:
â–¼CVE Numbering Authority (CNA)

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

Affected Products
Vendor
Intel CorporationIntel Corporation
Product
NUC Kits
Versions
Affected
  • BN0049 and below
Problem Types
TypeCWE IDDescription
textN/AElevation of Privilege
Type: text
CWE ID: N/A
Description: Elevation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101241
vdb-entry
x_refsource_BID
Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/101241
Resource:
vdb-entry
x_refsource_BID
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/101241
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/101241
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Oct, 2017 | 00:29
Updated At:20 Apr, 2025 | 01:37

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.4HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Intel Corporation
intel
>>nuc7i7bnh_firmware>>ayaplcel.86a.0041
cpe:2.3:o:intel:nuc7i7bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>bnkbl357.86a.0052
cpe:2.3:o:intel:nuc7i7bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>ccsklm5v.86a.0052
cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>ccsklm30.86a.0052
cpe:2.3:o:intel:nuc7i7bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>dnkbli5v.86a.0026
cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>dnkbli30.86a.0026
cpe:2.3:o:intel:nuc7i7bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>kyskli70.86a.0050
cpe:2.3:o:intel:nuc7i7bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>rybdwi35.86a.0366
cpe:2.3:o:intel:nuc7i7bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>syskli35.86a.0062
cpe:2.3:o:intel:nuc7i7bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh_firmware>>tybyt20h.86a.0015
cpe:2.3:o:intel:nuc7i7bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7bnh>>-
cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>ayaplcel.86a.0041
cpe:2.3:o:intel:nuc7i5bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>bnkbl357.86a.0052
cpe:2.3:o:intel:nuc7i5bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>ccsklm5v.86a.0052
cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>ccsklm30.86a.0052
cpe:2.3:o:intel:nuc7i5bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>dnkbli5v.86a.0026
cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>dnkbli30.86a.0026
cpe:2.3:o:intel:nuc7i5bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>kyskli70.86a.0050
cpe:2.3:o:intel:nuc7i5bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>rybdwi35.86a.0366
cpe:2.3:o:intel:nuc7i5bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>syskli35.86a.0062
cpe:2.3:o:intel:nuc7i5bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh_firmware>>tybyt20h.86a.0015
cpe:2.3:o:intel:nuc7i5bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnh>>-
cpe:2.3:h:intel:nuc7i5bnh:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>ayaplcel.86a.0041
cpe:2.3:o:intel:nuc7i5bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>bnkbl357.86a.0052
cpe:2.3:o:intel:nuc7i5bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>ccsklm5v.86a.0052
cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>ccsklm30.86a.0052
cpe:2.3:o:intel:nuc7i5bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>dnkbli5v.86a.0026
cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>dnkbli30.86a.0026
cpe:2.3:o:intel:nuc7i5bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>kyskli70.86a.0050
cpe:2.3:o:intel:nuc7i5bnk_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>rybdwi35.86a.0366
cpe:2.3:o:intel:nuc7i5bnk_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>syskli35.86a.0062
cpe:2.3:o:intel:nuc7i5bnk_firmware:syskli35.86a.0062:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk_firmware>>tybyt20h.86a.0015
cpe:2.3:o:intel:nuc7i5bnk_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5bnk>>-
cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>ayaplcel.86a.0041
cpe:2.3:o:intel:nuc7i3bnh_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>bnkbl357.86a.0052
cpe:2.3:o:intel:nuc7i3bnh_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>ccsklm5v.86a.0052
cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>ccsklm30.86a.0052
cpe:2.3:o:intel:nuc7i3bnh_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>dnkbli5v.86a.0026
cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>dnkbli30.86a.0026
cpe:2.3:o:intel:nuc7i3bnh_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>kyskli70.86a.0050
cpe:2.3:o:intel:nuc7i3bnh_firmware:kyskli70.86a.0050:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>rybdwi35.86a.0366
cpe:2.3:o:intel:nuc7i3bnh_firmware:rybdwi35.86a.0366:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>syskli35.86a.0062
cpe:2.3:o:intel:nuc7i3bnh_firmware:syskli35.86a.0062:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh_firmware>>tybyt20h.86a.0015
cpe:2.3:o:intel:nuc7i3bnh_firmware:tybyt20h.86a.0015:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnh>>-
cpe:2.3:h:intel:nuc7i3bnh:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>ayaplcel.86a.0041
cpe:2.3:o:intel:nuc7i3bnk_firmware:ayaplcel.86a.0041:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>bnkbl357.86a.0052
cpe:2.3:o:intel:nuc7i3bnk_firmware:bnkbl357.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>ccsklm5v.86a.0052
cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm5v.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>ccsklm30.86a.0052
cpe:2.3:o:intel:nuc7i3bnk_firmware:ccsklm30.86a.0052:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>dnkbli5v.86a.0026
cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli5v.86a.0026:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3bnk_firmware>>dnkbli30.86a.0026
cpe:2.3:o:intel:nuc7i3bnk_firmware:dnkbli30.86a.0026:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-522Primarynvd@nist.gov
CWE ID: CWE-522
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/101241secure@intel.com
Third Party Advisory
VDB Entry
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-frsecure@intel.com
Patch
Third Party Advisory
http://www.securityfocus.com/bid/101241af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fraf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/101241
Source: secure@intel.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
Source: secure@intel.com
Resource:
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/101241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00084&languageid=en-fr
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

114Records found
CVE-2006-6385
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.29% / 52.79%
||
7 Day CHG~0.00%
Published-08 Dec, 2006 | 01:00
Updated-07 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.

Action-Not Available
Vendor-n/aIntel Corporation
Product-pro_10gbe_adapterspro_1000_pcie_adapterspro_10_100_adapterspro_1000_adaptersn/a
CVE-2017-5710
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.24%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector.

Action-Not Available
Vendor-Intel Corporation
Product-trusted_execution_engine_firmwareTrusted Execution Engine
CVE-2017-5706
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.67%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareServer Platform Services
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5709
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.54%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareServer Platform Services
CVE-2017-5705
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.59%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-manageability_engine_firmwareManageability Engine
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5707
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.87%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-trusted_execution_engine_firmwareTrusted Execution Engine
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5727
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2018 | 15:00
Updated-17 Sep, 2024 | 02:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-5688
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.10%
||
7 Day CHG~0.00%
Published-31 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-solid_state_drive_toolboxSolid State Drive Toolbox
CVE-2017-5711
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.39%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)Siemens AGIntel Corporation
Product-rog_strix_z270g_gaming_firmwareh110-plus_firmwareh170m-plus\/brsimatic_ipc627dprime_h110m-ptuf_z270_mark_2rog_strix_z270h_gaming\/k1prime_j3355i-cb150i_pro_gaming\/aurasimatic_ipc827ch110m-a\/dp_firmwaresimatic_ipc477d_firmwareq170t_firmwareb250m-f_plush110m-ksh110m-a_d3ex-b150m-v5rog_strix_b250i_gaming_firmwareh170_pro_gamingsimotion_p320-4strooper_b150_d3_firmwareh110s2b150m-dtuf_z370-plus_gaming_firmwareh110m-ts_firmwaresimatic_ipc647d_firmwareb150-asimatic_ipc477db150m-plus_d3_firmwarerog_maximus_viii_hero_firmwarerog_strix_z270f_gamingrog_maximus_viii_ranger_firmwareb150m-v_plus_firmwareprime_q270m-ch110-plush110s2_firmwareh110m-e_firmwareprime_h110m2\/fpt_firmwaresabertooth_z170_mark_1h110m-c\/hdmi_firmwaresinumerik_pcu50.5-p_firmwaretuf_z370-pro_gaming_firmwarerog_maximus_viii_hero_alpha_firmwarerog_maximus_ix_hero_firmwarez170-krog_strix_b250g_gaming_firmwarerog_strix_z370-f_gamingb150m-ah110m-aex-b250m-v5z170-prosimatic_ipc477eb150m-k_d3prime_h110m2_firmwarerog_maximus_viii_formulaprime_b250m-dsimatic_field_pg_m3_firmwarerog_maximus_ix_extremesimatic_ipc677cb150m-k_firmwareq170s1_firmwareex-b150m-v3_firmwareprime_b250m-jb150m-a_d3_firmwarez170m-e_d3z170-k_firmwarepio-b150m_firmwarerog_strix_h270i_gaming_firmwareh170m-plush110m-ks_r1_firmwareex-b250-v7b150m-plusz170-ar_firmwareh110m-plusb150m-v_plush110m-kex-b150-v7_firmwareh110m-a_d3_firmwarerog_strix_b250h_gaming_firmwareh110m-c\/br_firmwarez170m-plus\/brprime_h270-plus_firmwareprime_h110m2\/fptprime_z270m-plus\/br_firmwareh110t-a_firmwareh110i-plus_firmwaresimatic_ipc627d_firmwaresimatic_field_pg_m3prime_z270-kh170i-pro_firmwaresimatic_field_pg_m4simatic_ipc627ch170i-prob150m-plus_d3z170-premium_firmwaresabertooth_z170_mark_1_firmwareb150m-f_plush170m-e_d3z170-eb150-pro_firmwarepio-b150mrog_maximus_ix_codeprime_b250-plus_firmwareh110m-c_firmwarerog_maximus_x_hero_firmwaresimatic_itp1000simatic_ipc427d_firmwareh110m-e\/m.2_firmwareprime_h110m2rog_maximus_x_formularog_maximus_x_formula_firmwareh110m-d\/exper\/sib150_pro_gaming\/aura_firmwaremanageability_engine_firmwarerog_maximus_ix_herorog_strix_z270i_gamingh170-plus_d3_firmwareex-b150m-v_firmwareq170m-cm-brog_strix_z370-g_gamingprime_z270-arb150-pro_d3rog_strix_z270h_gamingh110m-cs\/br_firmwarerog_strix_z370-i_gamingrog_strix_z370-h_gaming_firmwareh110m-d_firmwaresabertooth_z170_sb150_pro_gamingh110m-a\/m.2q270m-cm-asimatic_ipc847c_firmwareh110m-rh170-pro\/usb_3.1_firmwareq170m2_firmwareb150m-kprime_z270m-plus_firmwareh110m-a_firmwareex-h110m-v3_firmwareh110m-k_x_firmwarez170m-e_d3_firmwareh170_pro_gaming_firmwareb150m-k_d3_firmwarerog_strix_z270f_gaming_firmwarerog_strix_b250f_gamingh110m-cs\/brq170s1ex-b250-v7_firmwaresabertooth_z170_s_firmwarerog_strix_b250h_gamingh110m-d\/exper\/si_firmwareex-b150m-v5_firmwareprime_b250m-d_firmwareh110m-p\/dvib150i_pro_gaming\/aura_firmwaresimatic_ipc647db150m-f_plus_firmwareh110m-ks_r1h110m-c\/ps_firmwareb150-proprime_h270-proex-h110m-v_firmwareex-b250m-v3rog_strix_z270g_gamingrog_maximus_ix_formula_firmwarerog_maximus_viii_gene_firmwareprime_z270-p_firmwareex-h110m-v3h110m-c2\/tf_firmwarez170-p_firmwareq270-sactive_management_technology_firmwaresimatic_ipc427e_firmwarez170m-plustrooper_h110_d3z170-deluxe_firmwaresimatic_ipc547d_firmwaresimatic_ipc847cprime_q270m-c_firmwaresimatic_ipc547dh170m-plus_firmwareb250_mining_expert_firmwarerog_strix_h270i_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z370-pz170-e_firmwarerog_maximus_viii_extreme_firmwareb250_mining_expertb150m-a_d3simatic_ipc677dh110m-c2prime_b250m-a_firmwaresimatic_ipc627c_firmwareprime_b250m-plus\/br_firmwarez170-ah110m-k_firmwaretuf_z270_mark_1_firmwareb150_pro_gaming_d3q170m-c_firmwarez170_pro_gaming\/auraex-b250m-vh110m-a\/m.2_firmwareb150m-d_firmwarerog_strix_b250f_gaming_firmwareprime_z370-a_firmwaresinumerik_pcu50.5-crog_maximus_x_code_firmwarerog_maximus_viii_impactsimatic_ipc827d_firmwareprime_b250m-plus_firmwarez170-deluxeb150m-cprime_b250m-plush110m-cs_xb150-pro_d3_firmwareprime_b250-proz170-a_firmwareb150_pro_gaming_d3_firmwareb150-plusprime_z270-a_firmwareprime_z270-k_firmwareh110m-c\/hdmisimatic_itp1000_firmwareprime_b250-a_firmwareprime_b250-arog_maximus_viii_geneh110t-aex-b250m-v5_firmwaresimatic_ipc647c_firmwareb150-a_firmwaresimatic_ipc427drog_maximus_viii_impact_firmwareq170th110m-r_firmwareh110m-crog_maximus_ix_apex_firmwareprime_z270-ar_firmwarez170_pro_gaming\/aura_firmwareh110m-fprime_b250m-k_firmwareprime_b250m-j_firmwarerog_strix_z370-e_gamingprime_b250m-c_firmwarerog_strix_z270i_gaming_firmwareprime_b250m-ah110m-p\/dvi_firmwareb150m-a_firmwareh170-plus_d3h110m-c\/brrog_strix_b250g_gamingb250-srog_maximus_ix_extreme_firmwareprime_z270m-plusb150_pro_gaming_firmwareex-b150-v7prime_j3355i-c_firmwareb150m-c_d3_firmwaresimatic_ipc427eprime_b250-pro_firmwareh110tq170m2\/cdm\/sib150m-a\/m.2z170_pro_gaming_firmwarerog_strix_z270e_gaming_firmwareb150m-c_firmwarerog_strix_z370-e_gaming_firmwareb150_pro_gaming\/auraq170m2prime_b250m-kprime_z370-aex-h110m-vh110m-dq170t_v2b150m-plus_firmwaresimatic_ipc647csinumerik_pcu50.5-c_firmwareb150m-a\/m.2_firmwareprime_h110m-p_firmwarez170-pro_firmwaresimatic_ipc847dh110m-k_d3z170-premiumex-b250m-v_firmwarerog_strix_z370-g_gaming_firmwareh110i-plussimatic_ipc477d_pro_firmwareb250m-f_plus_firmwarerog_maximus_viii_rangerh110m-plus_firmwareh110m-f_firmwareex-b150m-vtrooper_h110_d3_firmwarerog_maximus_x_apex_firmwarez170i_pro_gamingsimatic_field_pg_m5_firmwaretrooper_b150_d3simatic_ipc677d_firmwarerog_maximus_ix_apexh110m-a\/dpb150m-c\/brrog_strix_z370-i_gaming_firmwareh170-pro_firmwareb150i_pro_gaming\/wifi\/aura_firmwareh110m-erog_maximus_x_heroh110m-cs_firmwareh110m-cssimatic_field_pg_m4_firmwareh110m-cs_x_firmwareb150m-c_d3rog_maximus_viii_extremeh110s1_firmwaretuf_z270_mark_1z170m-plus\/br_firmwareex-b150m-v3prime_z270-pb150-plus_firmwareprime_z370-p_firmwareq170m2\/cdm\/si_firmwarerog_maximus_ix_formulatuf_z370-pro_gamingh170m-e_d3_firmwareb250m-c_prorog_strix_b250i_gamingrog_strix_z370-h_gamingprime_z270m-plus\/brh110m-ks_firmwareb250-mr_firmwareq170m-cm-b_firmwaresimatic_ipc477e_firmwarerog_strix_h270f_gamingrog_strix_z370-f_gaming_firmwareh110s1prime_h270m-plusz170-p_d3prime_b250m-cz170i_pro_gaming_firmwarerog_maximus_viii_heroh110m-tssimatic_ipc477d_propio-b250i_firmwareq170t_v2_firmwareprime_h270m-plus_firmwareb150m-c\/br_firmwareq170m-crog_maximus_x_codetuf_z370-plus_gamingb250-mrh170-prosimatic_ipc547erog_maximus_viii_formula_firmwareb250m-c_pro_firmwarerog_strix_h270f_gaming_firmwareh170-pro\/usb_3.1z170-p_d3_firmwarerog_maximus_x_apexpio-b250ib150m_pro_gaming_firmwarez170m-plus_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dh110m-c\/psh110m-k_d3_firmwarerog_maximus_viii_hero_alphasimatic_field_pg_m5b150i_pro_gaming\/wifi\/aurarog_strix_z270h_gaming_firmwarerog_maximus_ix_code_firmwareprime_h270-pro_firmwareb150m_pro_gamingh110m-c2\/tfq270m-cm-a_firmwareh110m-c2_firmwarerog_strix_z270e_gamingtuf_z270_mark_2_firmwaresimatic_ipc677c_firmwareprime_b250m-plus\/brq270-s_firmwareh110t_firmwareex-b250m-v3_firmwarez170-ph110m-e\/m.2z170-arh110m-k_xsinumerik_pcu50.5-pb250-s_firmwareprime_z270-asimotion_p320-4s_firmwareprime_b250-plusprime_h270-plussimatic_ipc847d_firmwareh170m-plus\/br_firmwarez170_pro_gamingsimatic_ipc827c_firmwareActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5736
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.27%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 20:00
Updated-16 Sep, 2024 | 23:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator.

Action-Not Available
Vendor-Intel Corporation
Product-software_guard_extensions_platform_software_componentSoftware Guard Extensions Platform Software Component
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-5683
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.47%
||
7 Day CHG~0.00%
Published-04 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access.

Action-Not Available
Vendor-Intel Corporation
Product-hardware_accelerated_execution_managerIntel Hardware Accelerated Execution Manager
CVE-2021-0188
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.86%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5xeon_e3-1235l_v5_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240l_v5xeon_e3-1575m_v5xeon_e3-1240_v6_firmwarexeon_e3-1220_v5xeon_e3-1505m_v5_firmwarexeon_e3-1578l_v5_firmwarexeon_e3-1268l_v5xeon_e3-1230_v6xeon_e3-1285_v6_firmwarexeon_e3-1501l_v6xeon_e3-1505m_v5xeon_e3-1220_v5_firmwarexeon_e3-1240_v5xeon_e3-1585l_v5_firmwarexeon_e3-1585_v5xeon_e3-1535m_v6xeon_e3-1535m_v6_firmwarexeon_e3-1585_v5_firmwarexeon_e3-1220_v6xeon_e3-1240_v6xeon_e3-1230_v5xeon_e3-1240_v5_firmwarexeon_e3-1501m_v6xeon_e3-1220_v6_firmwarexeon_e3-1545m_v5_firmwarexeon_e3-1275_v5_firmwarexeon_e3-1585l_v5xeon_e3-1535m_v5_firmwarexeon_e3-1505l_v5_firmwarexeon_e3-1245_v5xeon_e3-1501m_v6_firmwarexeon_e3-1275_v5xeon_e3-1280_v5_firmwarexeon_e3-1505l_v6xeon_e3-1225_v6xeon_e3-1280_v6xeon_e3-1558l_v5_firmwarexeon_e3-1280_v5xeon_e3-1285_v6xeon_e3-1505l_v6_firmwarexeon_e3-1235l_v5xeon_e3-1225_v5_firmwarexeon_e3-1245_v6_firmwarexeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6xeon_e3-1225_v6_firmwarexeon_e3-1270_v6xeon_e3-1275_v6_firmwarexeon_e3-1545m_v5xeon_e3-1515m_v5_firmwarexeon_e3-1505m_v6xeon_e3-1230_v5_firmwarexeon_e3-1270_v5_firmwarexeon_e3-1535m_v5xeon_e3-1578l_v5xeon_e3-1245_v6xeon_e3-1505m_v6_firmwarexeon_e3-1505l_v5xeon_e3-1240l_v5_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5xeon_e3-1280_v6_firmwarexeon_e3-1268l_v5_firmwarexeon_e3-1575m_v5_firmwarexeon_e3-1225_v5xeon_e3-1270_v5xeon_e3-1515m_v5xeon_e3-1558l_v5xeon_e3-1270_v6_firmwarexeon_e3-1245_v5_firmwareIntel(R) Processors
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0516
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 60.59%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.

Action-Not Available
Vendor-n/aIntel Corporation
Product-shiva_access_managern/a
CVE-2016-8102
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.49%
||
7 Day CHG~0.00%
Published-08 Dec, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges.

Action-Not Available
Vendor-Intel Corporation
Product-wireless_bluetooth_driversIntel Wireless Bluetooth Drivers
CVE-2016-8101
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.19%
||
7 Day CHG~0.00%
Published-10 Oct, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIntel Corporation
Product-solid-state_drive_toolboxn/a
CVE-2009-4419
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.15%
||
7 Day CHG~0.00%
Published-24 Dec, 2009 | 17:00
Updated-07 Aug, 2024 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.

Action-Not Available
Vendor-n/aIntel Corporation
Product-gm45_chipsetq43_express_chipsetpm45_express_chipsetq35_chipsetq45_chipsetn/a
CWE ID-CWE-16
Not Available
CVE-2018-12147
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 13.63%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME Assets Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12173
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.04% / 12.58%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 18:00
Updated-16 Sep, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-server_system_r1000wf_firmwareserver_board_s2600wfrserver_system_r1000wfrserver_board_s2600bpr_firmwareserver_board_s2600bprcompute_module_hns2600bprserver_system_h2000gr_firmwarecompute_module_hns2600bp_firmwareserver_system_r1000wfr_firmwareserver_board_s2600st_firmwarecompute_module_hns2600bpserver_system_h2000g_firmwareserver_system_h2000grserver_system_r2000wfrserver_system_r2000wf_firmwareserver_system_h2000gserver_board_s2600bpserver_system_r2000wfserver_system_r1000wfcompute_module_hns2600bpr_firmwareserver_board_s2600wfserver_board_s2600bp_firmwareserver_board_s2600wf_firmwareserver_board_s2600wfr_firmwareserver_board_s2600stserver_board_s2600str_firmwareserver_system_r2000wfr_firmwareserver_board_s2600strIntel Server Boards Firmware
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12203
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.17%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-core_i5platform_sample_firmwaresilicon_reference_firmwarecore_i7core_i3Intel Platform Sample / Silicon Reference firmware
CVE-2015-2291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.61% / 90.34%
||
7 Day CHG+0.75%
Published-09 Aug, 2017 | 18:00
Updated-22 Oct, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsethernet_diagnostics_driver_iqvw64.sysethernet_diagnostics_driver_iqvw32.sysn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11170
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.30%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-287
Improper Authentication
CVE-2018-3672
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.04% / 12.44%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a system calls.

Action-Not Available
Vendor-Intel Corporation
Product-intel_smart_sound_technologySmart Sound Technology
CVE-2018-12220
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 16.90%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic bug in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Driver for Windows
CVE-2018-12192
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-287
Improper Authentication
CVE-2018-12202
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.55%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor may allow privileged user to potentially leverage existing features via local access.

Action-Not Available
Vendor-Intel Corporation
Product-core_i5platform_sample_firmwaresilicon_reference_firmwarecore_i7core_i3Intel Platform Sample / Silicon Reference firmware
CVE-2017-5708
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.71%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.

Action-Not Available
Vendor-Intel Corporation
Product-manageability_engine_firmwareManageability Engine
CVE-2011-5174
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.11%
||
7 Day CHG~0.00%
Published-15 Sep, 2012 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset before i5_i7_DUAL_SINIT_51.BIN and i7_QUAD_SINIT_51.BIN; Mobile Intel GM45, GS45, and PM45 Express Chipset before GM45_GS45_PM45_SINIT_51.BIN; Intel Q35 Express Chipsets before Q35_SINIT_51.BIN; and Intel 5520, 5500, X58, and 7500 Chipsets before SINIT ACM 1.1 allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

Action-Not Available
Vendor-n/aIntel Corporation
Product-7500_chipsetc206_chipsetmobile_intel_gm45_chipset3450_chipsetmobile_intel_qm57_chipsetx58_chipsetmobile_intel_qs67_chipsetmobile_intel_qm67_chipset5520_chipsetq35_express_chipsetmobile_intel_pm45_express_chipset5500_chipsetsinit_authenticated_code_modulec204_chipsetmobile_intel_qs57_express_chipsetc202_chipsetq67_express_chipsetq57_chipsetmobile_intel_qs57_chipsetmobile_intel_gs45_chipsetn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-33092
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.06%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:47
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installer for the Intel(R) NUC M15 Laptop Kit HID Event Filter driver pack before version 2.2.1.383 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_m15_laptop_kit_hid_event_filter_driver_packnuc_m15_laptop_kit_lapbc710nuc_m15_laptop_kit_lapbc510Intel(R) NUC M15 Laptop Kit HID Event Filter driver pack
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-11092
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 13.67%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0180
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 13.67%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0183
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.3||LOW
EPSS-0.05% / 14.14%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0178
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.6||LOW
EPSS-0.04% / 13.67%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0179
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 13.67%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0182
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.3||LOW
EPSS-0.05% / 14.14%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0175
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 13.67%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_cloud_integrity_tehnologyopenattestationOpen Cloud Integrity Technology and OpenAttestation
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-0120
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 13.51%
||
7 Day CHG-0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_n4000celeron_n2830pentium_silver_n5000n5000celeron_n2840pentium_silver_n5000_firmwareceleron_n3350_firmwarej4205_firmwareceleron_n2940_firmwareceleron_n2930celeron_n2840_firmwareceleron_n3450n3540_firmwareceleron_j4105celeron_j3160j3710_firmwaren5000_firmwareceleron_n3350celeron_j3160_firmwareatom_330celeron_n3450_firmwareceleron_j4005_firmwareceleron_n4100celeron_j3060_firmwareatom_230_firmwarepentium_silver_j5005j5005_firmwareatom_x5-e3940celeron_n3000celeron_n2930_firmwaren3530celeron_j3355_firmwarej3710celeron_j4005j5005atom_x5-e3930celeron_j3060celeron_j3355celeron_n4100_firmwareatom_x5-e3940_firmwareatom_x7-e3950celeron_j4105_firmwareatom_230n3530_firmwareceleron_n2940celeron_n2830_firmwarepentium_silver_j5005_firmwareatom_x5-e3930_firmwareatom_330_firmwareatom_x7-e3950_firmwarej4205celeron_n3000_firmwareceleron_n4000_firmwaren3540celeron_j3455celeron_j3455_firmwareIntel(R) Unified Extensible Firmware Interface (UEFI)
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-41614
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.99%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-on_event_seriesIntel(R) ON Event Series Android application
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-40685
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.70%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2023-32280
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 39.92%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-14 Jan, 2026 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated user to enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-openbmcxeon_platinum_8468xeon_gold_6421nxeon_platinum_8468hxeon_gold_6448hxeon_gold_6442yxeon_platinum_8471nxeon_gold_6448yxeon_platinum_8490hxeon_gold_6438y\+xeon_gold_6414uxeon_gold_5433nxeon_gold_6458qxeon_platinum_8454hxeon_platinum_8460hxeon_gold_6444yxeon_platinum_8480\+xeon_gold_6423nxeon_gold_5403nxeon_gold_5423nxeon_gold_6403nxeon_gold_6418hxeon_gold_5411nxeon_gold_5415\+xeon_platinum_8470xeon_silver_4410yxeon_platinum_8452yxeon_platinum_8458pxeon_gold_5412uxeon_gold_6434xeon_platinum_8462y\+xeon_gold_6438nxeon_silver_4410txeon_platinum_8461vxeon_gold_6434hxeon_gold_6426yxeon_gold_6443nxeon_gold_6428nxeon_platinum_8450hxeon_platinum_8470nxeon_gold_6454sxeon_gold_5420\+xeon_gold_5416sxeon_platinum_8460y\+xeon_gold_6430xeon_gold_6416hxeon_gold_5418yxeon_gold_5418nxeon_bronze_3408uxeon_platinum_8444hxeon_gold_6438mxeon_gold_6433nexeon_gold_6433nxeon_platinum_8468vIntel(R) Server Product OpenBMC firmwareeagle_stream
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-30601
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.68% / 82.19%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwarestandard_manageabilityIntel(R) AMT and Intel(R) Standard Manageability
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-30944
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.55%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwarestandard_manageabilityIntel(R) AMT and Intel(R) Standard Manageability
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-29507
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.99%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:59
Updated-18 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-team_blueversion
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-30296
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.80% / 74.19%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:59
Updated-25 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-datacenter_group_eventversion
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-26844
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.84%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:58
Updated-25 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-single_event_apiversion
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2017-5704
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.08%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.

Action-Not Available
Vendor-Intel Corporation
Product-core_i7core_i5core_i3Intel Core Processor
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-33107
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 20.47%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i7-8850hcore_i5-10610u_firmwarecore_i3-10100core_i9-10910_firmwarecore_i9-8950hk_firmwareh470w480ecore_i5-1038ng7core_i5-10400t_firmwarecore_i9-7900xcore_i9-9900kscore_i5_10110y_firmwarecore_i7-10510ycore_i7-10710u_firmwarecore_i3_9100_firmwarez370core_i7_8560ub560core_i9-9800x_firmwarecore_i3_9300core_i9-7920xcore_i3-10100_firmwarew580core_i9-10900_firmwarecore_i9-9960xcore_i9-7960x_firmwarecore_i3_8300t_firmwarecore_i9-10900tecore_i9-8950hkcore_i5-1030g4_firmwarecore_i3-10100yh410core_i3_9300tcore_i5-10600tcore_i5-10600kf_firmwareh270c627core_i7-10875h_firmwarec627acore_i5_9500core_i9-10900e_firmwareb460c625core_i3_9100tc621acore_i5_8400t_firmwarecore_i9-9920xcore_i9-9900kf_firmwarecore_i7-8709gcore_i9-10910core_i5-10600t_firmwarecore_i5_8500_firmwarecore_i5-10300h_firmwarecore_i9_9900core_i9-10900tcore_i3-10100t_firmwareh420ecore_i7-10700f_firmwarecore_i5-10500t_firmwarecore_i7-10700tecore_i5-10600_firmwarecore_i9-10900kcore_i3_8350k_firmwarecore_i3-10105core_i5_9600tcore_i7_8565u_firmwarecore_i9-10900kf_firmwarecore_i7-8550ucore_i5-10400tcore_i7_8550ucore_i7-10810u_firmwarecore_i9-10920x_firmwarecore_i9-10940xcore_i9-9880h_firmwarecore_i7_1060ng7_firmwarec246core_i9-10900xc629acore_i3-8300q470ecore_i7-10700kfcore_i9_9900kfcore_i5-10110y_firmwarecore_i7_9700t_firmwarecore_i3_9350kq150c232core_i9-10900te_firmwarecore_i7_9700k_firmwarecore_i3_9300t_firmwarecore_i7-1065g7core_i5-10500hcore_i3_9100t_firmwarecore_i5_10210ycore_i5-10600kfcore_i3-1000g1core_i7-10700_firmwareq470core_i5-1035g1_firmwarecore_i5_8600kcore_i3-1005g1core_i7-1068ng7core_i5-1038ng7_firmwarec626core_i9-10850hz270core_i3-10305t_firmwarecore_i5_8500core_i3-10100ec236core_i9_firmwarecore_i9-10850k_firmwarecore_i3_9300_firmwarecore_i7-10700kf_firmwarecore_i5_9500_firmwarecore_i7-10700q570core_i3_8100tcore_i5_8600t_firmwarecore_i7_1060g7core_i7-10610u_firmwarecore_i5-10500e_firmwareq170core_i7_8700core_i7_9700f_firmwarecore_i9-9940x_firmwarec422core_i5_9500t_firmwarecore_i5_8500tcore_i3-8145ucore_i5-10400core_i3_9350k_firmwareactive_management_technology_software_development_kitcore_i7-8700kc621core_i5_l16g7_firmwarecore_i9core_i7-10870h_firmwarecore_i5_8600core_i3_8350kcore_i7_8700t_firmwarecore_i3-8109ucore_i5_9600core_i7-10810ucore_i3-10300tcore_i3-8100core_i5_9400t_firmwarecore_i5_8400tcore_i3-8145uecore_i5_8600_firmwarecore_i7-10700te_firmwarecore_i7-10700ecore_i5-8350ucore_i5_9500fcore_i7_1068ng7core_i7_8650ucore_i3_8100core_i3-10100tecore_i7-10700tcore_i9-9900kfcore_i9_9900tcore_i3_firmwarecore_i5-10210u_firmwarecore_i5-10500ecore_i7-10750hcore_i9-10850kcore_i3-10100te_firmwarecore_i7_8550u_firmwarecore_i5_9600_firmwarecore_i7-1060ng7core_i5-10600k_firmwarecore_i5_9400fcore_i3-8100hcore_i9-10900ecore_i5-10610ucore_i7-8706gc624core_i5-8250ucore_i3-10110y_firmwarecore_i5_8400core_i9_9900_firmwarecore_i9-7980xe_firmwareq250core_i3_8300tcore_i5-10500tec242core_i9-10920xcore_i5-10210y_firmwarecore_i5_m480_firmwarecore_i7-8700bcore_i5-10500tcm246core_i7_1065g7_firmwarecore_i5-10310ucore_i9-10885hcore_i5-10600core_i5-10500_firmwarexeoncore_i7-8557ucore_i5-10310ycore_i7_8560u_firmwarecore_i5-10310y_firmwarecore_i5\+8400h510core_i7-10750h_firmwarecore_i3_9100core_i7_10510ycore_i9-9820x_firmwarecore_i7-10700kcore_i5-1030g7core_i9_9880hcore_i9-10980hkcm236core_i7_1060g7_firmwarecore_i5_9600kcore_i9-9880hcore_i3-1000g1_firmwarecore_i5core_i7-10700k_firmwarecore_i7_1068ng7_firmwarecore_i9-10900t_firmwarez170core_i5_l16g7core_i3-10305_firmwarecore_i7-8665uecore_i3-10325_firmwarecore_i3-8130ucore_i7-10510y_firmwarecore_i7_8700_firmwarecore_i3-8300tcore_i5-1035g4core_i5-1030ng7core_i9_9980hkcore_i7-1060ng7_firmwarecore_i7_8559u_firmwarecore_i7-1060g7_firmwarecore_i7-8650ucore_i7-8500ycore_i7-1068ng7_firmwarecore_i5-10200hcore_i9-9900kcore_i7-8705gcore_i9-7960xcore_i5-10400fcore_i7_9700kfcore_i7_9700tcore_i5_9600k_firmwarecore_i5-1035g7_firmwarecore_i7\+8700_firmwareh170core_i5_9600kf_firmwarecore_i7_9700_firmwarew480core_i5_9400tcore_i7-8706g_core_i9-9900core_i9-9820xcore_i5_9600t_firmwarecore_i5_9600kfcore_i3h570core_i3-10320_firmwarecore_i7_8700kcore_i5_10310ycore_i9_9900ks_firmwarecore_i5_10310y_firmwarecore_i5_9400core_i3-10320b250core_i3-10110ycore_i5-1035g7pentium_gold_g5400core_i3-10105fcore_i5-8305gcore_i5_8500t_firmwaresetup_and_configuration_softwarecore_i7-10875hcore_i7-8750hcore_i5-10400hcore_i3_8100fcore_i7_10510y_firmwarecore_i7-8665ucore_i3-10100e_firmwarecore_i3-10305tcore_i5-10505_firmwarecore_i7_8700k_firmwarecore_i9-7940x_firmwarecore_i9-9940xcore_i3-8140ucore_i9-9980xe_firmwareh110core_i7_9700fcore_i9-9900t_firmwarecore_i9-7940xcore_i9-9900xcore_i3-8350kcore_i5-10110ycore_i7-8086kcore_i5-10600kc628core_i9-7900x_firmwarecore_i7-10850hcore_i3-1005g1_firmwarecore_i9-9900x_firmwarecore_i5-10500te_firmwarecore_i3-10300t_firmwarex299xeon_firmwarecore_i3-10105tcore_i9-9900k_firmwarecore_i5_9500tcore_i7-10510u_firmwarecore_i3-8100bcore_i3-1000g4core_i3-10105t_firmwarecore_i5-10400h_firmwarecore_i3-10100f_firmwarecore_i9-10900f_firmwarecore_i9-10900kfcore_i3-10100tcore_i9-9980hk_firmwarecore_i5-8600kcore_i7_1065g7core_i7-8700tcore_i3_9320core_i9-9980hkcore_i9_9980hk_firmwarec622z490core_i9_9900kcore_i5-1035g4_firmwarecore_i7-10700e_firmwarecm238core_i3_8100f_firmwarecore_i7-10610ucore_i5-1030g7_firmwarecore_i7_firmwarecore_i7-8559ucore_i9-10850h_firmwarecore_i9-9920x_firmwarecore_i9_9880h_firmwarecore_i5-10400f_firmwarecore_i5_10110ycore_i3_9350kf_firmwarecore_i7-1060g7core_i9-10980xe_firmwarecore_i3_8100_firmwarecore_i5_9400_firmwarecore_i7_8086kcore_i7_8565ucore_i7_8500y_firmwarecore_i7-8569ucore_i7-10700t_firmwarecore_i3-10325core_i9-7920x_firmwarecore_i9-9900tceleron_4205ucore_i9-9980xecore_i7-8700core_i3-1000ng4_firmwarecore_i5-8400core_i7_9700kf_firmwarecore_i3-10105f_firmwarecore_i7-8809gcore_i3_8300core_i3-10105_firmwarecore_i3-1000ng4core_i5\+8500core_i7\+8700core_i9_9900kf_firmwarecore_i3-10110u_firmwarecore_i7-10850h_firmwarecore_i9-10980xecore_i7_1060ng7core_i3-10305core_i5-1035g1b150q270core_i3-10110ucore_i5-10505core_i9-10885h_firmwarec629core_i3-10100y_firmwarecore_i7_8086k_firmwarecore_i9-10900x_firmwarecore_i3_9100fceleron_4305ucore_i3_9350kfcore_i7_8650u_firmwarecore_i5_firmwarecore_i7-10710ucore_i5-10210ycore_i9-10900core_i3-1000g4_firmwarecore_i7-1065g7_firmwarecore_i5-10300hmanagement_engine_bios_extensioncore_i5-1030ng7_firmwarecore_i7_8700tcore_i5_8600k_firmwarecore_i3_9320_firmwarecore_i9-9900ks_firmwarecore_i3-10300core_i9-10900fcore_i9-9960x_firmwarecore_i5_9500f_firmwarecore_i5\+8400_firmwarecore_i7-8565ucore_i5-10310u_firmwarecore_i9-10940x_firmwarez590core_i5-1030g4core_i3-8100tcore_i5-10200h_firmwarecore_i7core_i5_10210y_firmwarecore_i9_9900kscore_i9-10980hk_firmwarecore_i7-10870hcore_i3-10100fcore_i7-10510ucore_i5-10400_firmwarecore_i9_9900k_firmwarecore_i9-9900_firmwarecore_i7_9700kcore_i3_8100t_firmwarecore_i3-10300_firmwarecore_i5-10500h_firmwarecore_i7_9700core_i9_9900t_firmwarecore_i5_8400_firmwarecore_i9-7980xecore_i7_8559ucore_i3_8300_firmwarecore_i5_m480core_i7-10700fcore_i5-10210ucore_i9-10900k_firmwarecore_i5\+8500_firmwareceleron_4305uecore_i5_9400f_firmwarecore_i3_9100f_firmwarecore_i5_8600tcore_i5-10500core_i7_8500ycore_i9-9800xIntel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-12309
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 23.21%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:58
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ssd_dc_p4800xssd_dc_p4101_firmwaressd_dc_p4510ssd_pro_5450s_firmwaressd_e_5100soptane_ssd_905poptane_ssd_900pssd_pro_5400sssd_660p_firmwaressd_pro_5400s_firmwaressd_dc_p4610ssd_dc_p4510_firmwaressd_pro_6000p_firmwareoptane_ssd_900p_firmwaressd_760p_firmwaressd_dc_p4101ssd_dc_p4801x_firmwaressd_dc_p4800x_firmwaressd_660pssd_pro_7600pssd_760pssd_pro_6000pssd_pro_5450sssd_e_6100pssd_e_6100p_firmwaressd_dc_p4610_firmwareoptane_ssd_905p_firmwaressd_dc_p4801xssd_e_5100s_firmwaressd_pro_7600p_firmwareIntel(R) Client SSDs and some Intel(R) Data Center SSDs
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-12333
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.16%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT for Linux
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-12316
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.99%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:14
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-endpoint_management_assistantIntel(R) EMA
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-0540
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-1.99% / 83.65%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 14:00
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-522
Insufficiently Protected Credentials
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found