Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-12162

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-12 Sep, 2018 | 19:00
Updated At-16 Sep, 2024 | 22:36
Rejected At-
Credits

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:12 Sep, 2018 | 19:00
Updated At:16 Sep, 2024 | 22:36
Rejected At:
▼CVE Numbering Authority (CNA)

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

Affected Products
Vendor
Intel CorporationIntel Corporation
Product
Intel(R) OpenVINO(TM) Toolkit for Windows
Versions
Affected
  • v2018.1.265 and earlier.
Problem Types
TypeCWE IDDescription
textN/AEscalation of Privilege
Type: text
CWE ID: N/A
Description: Escalation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html
x_refsource_CONFIRM
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:12 Sep, 2018 | 19:29
Updated At:03 Oct, 2019 | 00:03

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>openvino_toolkit>>Versions before 2018.1.265(exclusive)
cpe:2.3:a:intel:openvino_toolkit:*:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
CWE-732Primarynvd@nist.gov
CWE ID: CWE-732
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00172.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

559Records found
CVE-2019-0106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.94%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CVE-2019-0091
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.70%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_management_enginetrusted_execution_technologyIntel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-0105
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.91%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2018-3700
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.18%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windows_7usb_3.0_extensible_host_controller_drivern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-3645
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-16 Sep, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.

Action-Not Available
Vendor-Intel Corporation
Product-remote_keyboard_mobile_appremote_keyboardIntel Remote Keyboard
CVE-2018-3652
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.14% / 35.41%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Action-Not Available
Vendor-Intel Corporation
Product-xeon_e3_1275_v5xeon_e3_1270_v6xeon_e3_1268l_v5xeon_e3_1501l_v6xeon_e3_1240_v6xeonxeon_e3_1240_v5xeon_e3_1270_v5xeon_e3_1240l_v5xeon_e3_1280_v5xeon_e3_1245_v6xeon_e3_1220_v6xeon_e3_1225_v5xeon_e3_1505m_v5xeon_bronze_3106xeon_e3_1230_v5xeon_e3_1220_v5xeon_e3_1235l_v5xeon_e3_1505l_v5xeon_e3_1501m_v6xeon_e3_1260l_v5xeon_e3_1275_v6xeon_silverxeon_e3_1225_v6xeon_goldxeon_platinumatom_cxeon_bronze_3104xeon_e3_1230_v6xeon_e3_1280_v6xeon_e3xeon_e3_1245_v5xeon_e3_1285_v6xeon_e3_1505l_v6Intel Xeon Processor
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-3667
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.61%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

Action-Not Available
Vendor-Intel Corporation
Product-processor_diagnostic_toolIntel Processor Diagnostic Tool
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2018-3682
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 13.81%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

Action-Not Available
Vendor-Intel Corporation
Product-hns2600tp24strbbs2600bpbr1208wftysr1304wf0yshns2600tprhns7200apr2224wfqzshns2600bpqbbs2600stqs2600tpnrs2600kptrhns2600bpblcr2208wttyc1rr2208wt2ysrbbs2600stbr2208wf0zsr2208wftzsdbs2600cw2rdbs2600cwtrr2312wf0npr2312wttysrs2600stbs2600wtts1rr2224wftzsr1208wt2gsrs2600wt2rhns2600kpfrhns2600kprr1304wttgsrbbs7200apbbs2600bpshns2600bpsr2208wfqzshns2600bpb24bbs7200aplhns2600bps24hns2600tpfrs2600wfohns2600bpq24hns2600bpblc24r2312wfqzss2600wttrr2224wttysrr1208wttgsrhns2600tpnrr1304wt2gsrhns2600bpbs2600tprr1304wftyshns7200aprls2600tptrr2208wttysrs2600stqr2308wftzsdbs2600cwtsrhns7200aprs7200aprhns2600tp24srdbs2600cw2srhns7200aplhns2600tp24rs2600kprbmc_firmwares2600wfqr2308wttysrbbs2600bpqs2600kpfrs2600tpfrs2600wftr2312wftzsIntel Server Boards, Compute Modules and Systems
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-3688
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.65%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_prime_programmer_and_toolsIntel Quartus Prime Programmer and Tools
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3627
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.26% / 49.07%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

Action-Not Available
Vendor-Intel CorporationNetApp, Inc.
Product-xeon_e3_1270_v6xeon_e3_1275_v6xeon_e3_1240_v6element_software_management_nodexeon_e3_1225_v6xeon_e3_1240_v5xeon_e3_1270_v5xeon_e3_1240l_v5xeon_e3_1280_v5xeon_e3_1245_v6xeon_wcore_i7xeon_e3_1220_v6core_i3xeon_e3_1225_v5xeon_e3_1230_v5converged_security_management_engine_firmwarexeon_e3_1220_v5xeon_e3_1230_v6core_i5xeon_e3_1235l_v5core_i9xeon_e3_1245_v5xeon_e3_1280_v6xeon_e3_1285_v6xeon_e3_1260l_v5Intel Converged Security Management Engine (Intel CSME)
CVE-2018-3643
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.21% / 43.19%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwareIntel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware
CVE-2018-3683
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.65%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_primeIntel Quartus Prime
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3649
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.60%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 22:00
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.

Action-Not Available
Vendor-Intel Corporation
Product-wireless-ac_9560wireless-n_7265dual_band_wireless-n_7260dual_band_wireless-ac_7265dual_band_wireless-ac_8265dual_band_wireless-ac_7260wireless-ac_9462tri-band_wireless-ac_18260dual_band_wireless-n_7265wireless-ac_9461dual_band_wireless-ac_3160tri-band_wireless-ac_17265wireless-n_7260dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168tri-band_wireless-ac_18265Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-3635
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.16%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-rapid_storage_technologyIntel Rapid Store Technology
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-3698
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.94%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.

Action-Not Available
Vendor-Intel Corporation
Product-ready_mode_technologyIntel Ready Mode Technology
CVE-2018-3650
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel Distribution for Python
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3686
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-sa-00086_detection_toolINTEL-SA-00086 Detection Tool
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-3687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.65%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_ii_programmer_and_toolsIntel Quartus II Programmer and Tools
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3612
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.63%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 22:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

Action-Not Available
Vendor-n/aIntel Corporation
Product-dnkbli30.86agkaplcpx.86arybdwi35.86aayaplcel.86akyskli70.86abnkbl357.86afybyt10h.86asyskli35.86amybdwi30.86accsklm30.86amkkbly35.86adnkbli5v.86amkkbli5v.86abiosccsklm5v.86amybdwi5v.86atybyt10h.86adnkbli7v.86an/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3638
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.42%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-17 Sep, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.

Action-Not Available
Vendor-Intel Corporation
Product-remote_keyboard_mobile_appremote_keyboardIntel Remote Keyboard
CVE-2021-33137
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-kernelflingerIntel(R) Kernelflinger project
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-33089
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:56
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the software installer for the Intel(R) NUC HDMI Firmware Update Tool for NUC8i3BE, NUC8i5BE, NUC8i7BE before version 1.78.4.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_hdmi_firmware_update_toolnuc_kit_nuc8i3benuc_kit_nuc8i7benuc_kit_nuc8i5beIntel(R) NUC HDMI Firmware Update Tool for NUC8i3BE, NUC8i5BE, NUC8i7BE
CVE-2021-33101
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.10%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-33071
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:03
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_rendering_toolkitIntel(R) oneAPI Rendering Toolkit
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-33106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:35
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-safestring_libraryIntel(R) Safestring Library
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-33062
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:10
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the software installer for the Intel(R) VTune(TM) Profiler before version 2021.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-33150
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.33% / 55.32%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i7-6870hqatom_c3950core_i3-7100hcore_i7-8850hcore_i3-10100core_i3-6100ucore_i3-7300core_i5-1038ng7core_i5-11400celeron_j4125core_i7-10510yz370core_i5-6350hqcore_i5-11600kcore_i3-6300tcore_i9-10900tecore_i5-6360ucore_i3-6157uceleron_3865ucore_i3-10100ycore_i5-11260hcore_i3-1115g4ecore_i5-10600th270c627pentium_gold_g5400tcore_i5-6500tcore_i5-7500c627acore_i5-6260uc625atom_c2508c621apentium_gold_g6505tcore_i5-7440hqatom_c2516core_i7-8709gatom_c3758pentium_gold_g6505xeon_d-2177ntceleron_3867ucore_i9-11900kfcore_i7-7660ucore_i7-7700hqatom_c3308pentium_gold_g6500tcore_i9-10900tcore_i5-6402pcore_i7-10700tecore_i9-10900kcore_i3-10105q370celeron_j3455ecore_i5-11400tcore_i7-11700kcore_i5-11400fcore_i7-8550ucore_i5-10400tcore_i7-1185g7xeon_d-2796teh370c246core_i7-6700hqc629acore_i3-8300xeon_d-2142itceleron_j4105core_i7-10700kfatom_c2338core_i5-7500tq150c232xeon_d-2187ntxeon_d-2775tecore_i7-1065g7core_i9-11900kcore_i5-10500hcore_i5-6267ucore_i5-10600kfcore_i3-1000g1celeron_j3060core_i5-7y54celeron_3955ucore_i3-1005g1core_i7-1068ng7c626core_i5-7400atom_c2550celeron_j3355ecore_i7-6567uz270core_i5-7287ucore_i3-10100ec236pentium_gold_g5420tatom_c2518core_i7-7560uatom_c3538core_i7-11600hcore_i7-7920hqcore_i7-10700core_i5-11600kfcore_i5-7600tatom_c2558q170atom_c3508core_i5-1145grecore_i3-7020uceleron_j3355xeon_d-2799core_i5-1135g7core_i3-1115g4xeon_d-2145ntcore_i3-8145ucore_i5-10400xeon_d-2173itxeon_d-2161ixeon_d-2766ntcore_i7-7567ucore_i7-8700katom_c2530c621xeon_d-2163itcore_i3-1120g4core_i5-1155g7core_i7-7820hqcore_i7-7820eqxeon_d-2123itcore_i5-11400hcore_i9-11900hcore_i3-8109uceleron_j3455core_i7-1185g7ecore_i3-1110g4core_i7-10810ucore_i3-10300tcore_i3-8100xeon_d-2776ntcore_i3-8145uecore_i5-1130g7pentium_gold_4425ycore_i3-7320core_i7-10700ecore_i5-8350ucore_i9-11900core_i5-6585rcore_i3-10100tecore_i7-10700tcore_i3-7100pentium_gold_6500yatom_c2538core_i5-6300hqcore_i7-11390hxeon_d-2786ntecore_i5-7y57core_i5-1145g7core_i7-6700tecore_i5-10500ecore_i7-10750hcore_i9-10850katom_c2358xeon_d-2143itxeon_d-2753ntcore_i5-7260uceleron_3855ucore_i3-8100hcore_i5-6600core_i9-10900ecore_i7-8706gc624celeron_3965ucore_i5-8250ucore_i3-6300core_i9-11980hkh310core_i9-11900fq250core_i5-10500tec242core_i5-11500core_i9-11950hcore_i3-6100teatom_c3750core_i7-11700xeon_d-2798ntcore_i7-8700bcore_i5-10500tcm246core_i7-1195g7core_i5-10310ucore_i9-10885hcore_i5-10600core_i7-8557ucore_i5-7440eqcore_i3-6320core_i5-10310ycore_i7-1165g7xeon_d-2738core_i7-11850heatom_c3338core_i5-1145g7eatom_x7-e3950core_i7-10700kcore_i5-6440eqcore_i5-1030g7celeron_j4025core_i9-10980hkxeon_d-2733ntcm236atom_c2730core_i7-6650ucore_i7-11370hz170core_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-11500hcore_i5-1035g4core_i5-11600txeon_d-2795ntcore_i5-6287ucore_i7-8650ucore_i7-8500yxeon_d-2779core_i5-10200hpentium_silver_n5030core_i7-8705gpentium_silver_j5040z390atom_c3558rceleron_n4000core_i5-10400fcore_i7-1160g7core_i7-7600uatom_c3808core_i3-7100eatom_c2750h170core_i3-7101ecore_i7-8706g_atom_c2738celeron_j4005celeron_n3150core_i5-6300upentium_silver_n5000xeon_d-2141iatom_c2308core_i7-1180g7core_i3-6100hcore_i7-7500ucore_i3-10320b250core_i3-10110yxeon_d-2752ntecore_i5-1035g7core_i7-7820hkpentium_gold_g5400core_i3-10105fceleron_n3700core_i5-8305gcore_i3-6100atom_x5-e3940core_i3-6098pcore_i5-6400core_i7-10875hcore_i3-1115grecore_i3-7101tecore_i5-11600core_i5-7400tcore_i7-7700atom_c2316core_i7-11700fcore_i3-11100hecore_i5-10400hcore_i3-6100tcore_i7-8750hcore_i7-8665ub365core_i5-7300hqcore_i3-10305txeon_d-2183itxeon_d-2712tcore_i3-8140uh110core_i3-8350kcore_i5-6600kcore_i5-10600kcore_i7-8086kc628core_i7-10850hcore_i7-6700tatom_c3958atom_c3338rx299core_i3-10105tcore_i5-11300hcore_i5-6500tecore_i3-8100bcore_i5-6500core_i3-1000g4core_i3-6167ucore_i9-10900kfcore_i3-10100tatom_c3858xeon_d-2146ntcore_i5-7267ucore_i5-8600kcore_i3-7100ucore_i5-6442eqcore_i7-8700txeon_d-2752tercore_i5-11500hecore_i3-7100tc622core_i7-11700tpentium_j4205core_i3-6102ecm238core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqpentium_gold_g5420celeron_3965ycore_i7-6700kcore_i7-6970hqcore_i7-11375hcore_i7-7y75core_i7-8559ucore_i7-6822eqcore_i3-7300tatom_c3850core_i5-11500tatom_c3955core_i9-11900tcore_i7-6785rcore_i7-6560ucore_i7-1060g7core_i7-6600ucore_i7-1185grecore_i7-8569ucore_i3-10325celeron_4205ucore_i7-7700tatom_c3558core_i7-8700core_i5-6685rxeon_d-2796ntcore_i3-7130ucore_i5-8400atom_c3436lcore_i7-8809gcore_i5-11320hatom_c3708core_i5-7600core_i5-6400tcore_i7-6500ucore_i5-1035g1core_i3-10305core_i7-11850hxeon_d-2166ntcore_i3-7350kb150core_i3-10110uq270core_i5-10505c629atom_c3336core_i7-6700core_i7-6820eqcore_i7-6920hqcore_i5-7600kcore_i7-6820hkatom_c2758celeron_4305ucore_i3-6006ucore_i7-10710uatom_c2718celeron_j3160core_i5-10210ycore_i9-10900core_i5-10300hcore_i5-7360uatom_x5-e3930core_i5-7300upentium_gold_g6500core_i7-11800hcore_i3-10300atom_c2350core_i5-6600tpentium_gold_4417ucore_i9-10900fcore_i3-1125g4core_i7-8565ucore_i5-1030g4core_i3-8100tcore_i7-7700katom_c3830core_i7-10870hcore_i3-10100fcore_i7-10510uceleron_n3050b360core_i5-6440hqcore_i3-7102ecore_i7-6660ucore_i3-6100ecore_i5-6200ucore_i5-7200ucore_i7-10700fceleron_n3000core_i5-10210ucore_i7-6820hqatom_c3758rceleron_4305uecore_i5-10500pentium_silver_j5005Intel(R) Trace Hub instances which
CVE-2021-33077
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 40.95%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in firmware for some Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_ssd_905poptane_ssd_dc_p4800xoptane_ssd_900poptane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4801xoptane_ssd_905p_firmwareoptane_ssd_p5800xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_dc_p4800x_firmwareoptane_ssd_p5800x_firmwareoptane_memory_h10_with_solid_state_storageoptane_memory_h10_with_solid_state_storage_firmwareoptane_ssd_900p_firmwareIntel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products
CVE-2021-33059
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.18%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:13
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersIntel(R) Administrative Tools for Intel(R) Network Adapters
CWE ID-CWE-20
Improper Input Validation
CVE-2018-18095
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 41.13%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 20:31
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-ssd_dc_s4600_firmwaressd_dc_s4500ssd_dc_s4600ssd_dc_s4500_firmwareIntel(R) SSD DC S4500/S4600 Series
CWE ID-CWE-287
Improper Authentication
CVE-2018-12175
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python 2018
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-12169
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.06% / 17.13%
||
7 Day CHG-0.00%
Published-21 Sep, 2018 | 20:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.

Action-Not Available
Vendor-n/aLenovo Group LimitedIntel Corporation
Product-thinkpad_x380_yogathinkpad_t470thinkpad_t25thinkpad_t480sthinkpad_t570thinkpad_l380thinkpad_t580core_i3thinkpad_p51sthinkpad_x1_yogathinkpad_x1_carbonthinkpad_x1_tabletcore_i5thinkpad_e480thinkpad_l380_yogathinkpad_p51thinkpad_p52thinkpad_l480thinkpad_l580thinkpad_11ethinkpad_p72thinkpad_t470sthinkpad_x270thinkpad_t470pthinkpad_e580core_i7thinkpad_x280thinkpad_p71core_i9thinkpad_t480thinkpad_yoga_370thinkpad_p52sn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-12190
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 33.62%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12174
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.10%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-parallel_studio_xeIntel Parallel Studio XE 2018
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12160
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_migration_softwareIntel(R) Data Migration Software
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-12152
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-1.83% / 82.15%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 18:00
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12208
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.40% / 59.95%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12221
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-42099
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.55%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:13
Updated-12 Aug, 2025 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21846.

Action-Not Available
Vendor-Intel Corporation
Product-driver_\&_support_assistantDriver & Support Assistantdriver\&support_assistant
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-26258
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.52% / 65.72%
||
7 Day CHG-0.31%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_control_centerIntel(R) Killer(TM) Control Center software
CVE-2020-12374
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.19%
||
7 Day CHG~0.00%
Published-19 Feb, 2021 | 15:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hns2600bpb24rr1304wftysrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprhns2600bpbr1304wftyshns2600bpqr2224wfqzsr1000wfhns2600bpblc24rs2600bpqrhns2600bpbrs2600stqhns2600bpblcr2308wftzshns2600bpsrr1208wftysrr2208wf0zsr2208wftzsr2312wf0npr1208wfqysrr2224wftzsrr2208wfqzsrs2600stbr2224wftzsr2312wftzsrr2308wftzsrs2600wf0bmc_firmwarehns2600bps24rhns2600bpqrs2600wfqr2208wfqzshns2600bpshns2600bpq24rhns2600bpb24hns2600bps24r1304wf0ysrhns2600bpq24s2600wfts2600bpbrhns2600bpblc24s2600bpsrr2312wfqzsr2312wftzsIntel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12307
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:13
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-high_definition_audio_driverIntel(R) High Definition Audio drivers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-12320
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.10%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:15
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-scs_add-on_for_microsoft_sccmIntel(R) SCS Add-on for Microsoft* SCCM
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-12337
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.65%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:15
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CVE-2018-12196
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.35%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8759
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.19%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:09
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ssd_data_center_toolIntel(R) SSD DCT Advisory
CVE-2021-0161
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.65%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0146
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.38% / 58.75%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:25
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_j1750celeron_j4125_firmwarepentium_silver_n5000_firmwareceleron_n2940_firmwareceleron_j1850_firmwarepentium_j2850pentium_silver_n5030celeron_j1900_firmwareceleron_n2920_firmwareceleron_n3350celeron_n3050celeron_j1850celeron_n6210pentium_j3710_firmwarepentium_n6415_firmwarepentium_silver_j5005celeron_n3000celeron_n2930_firmwareceleron_n2807celeron_n2815pentium_j3710pentium_j2900atom_x5-e3940_firmwareceleron_n4100_firmwareatom_c3000_firmwareceleron_n2940celeron_n2830_firmwarepentium_silver_j5005_firmwareatom_x5-e3930_firmwareceleron_n5105celeron_n3000_firmwarepentium_j2850_firmwarepentium_n3530celeron_j3455pentium_silver_n6000celeron_n3350_firmwareceleron_n2807_firmwareceleron_n4500celeron_n2820pentium_n6415celeron_n4500_firmwareceleron_j3160celeron_j3355e_firmwareceleron_n3150_firmwareceleron_n3450_firmwareceleron_n3150celeron_n4100celeron_n5100_firmwareceleron_n2805celeron_n2806celeron_n3060celeron_j1750_firmwareatom_x5-e3940pentium_n3530_firmwarepentium_silver_n6000_firmwareceleron_n5105_firmwarepentium_n3710_firmwareceleron_n4120_firmwarepentium_n4200celeron_n4120celeron_n3350eceleron_n3050_firmwareceleron_n4000_firmwareceleron_j3455_firmwareceleron_n3010celeron_n2840celeron_n2806_firmwarepentium_j6426celeron_n2808pentium_n4200e_firmwareceleron_j4025celeron_n2910pentium_j4205celeron_n2930celeron_j1800_firmwareceleron_n2840_firmwarepentium_silver_n6005_firmwarepentium_n3540_firmwarepentium_n3510pentium_silver_n5030_firmwareceleron_j6413celeron_j3160_firmwareceleron_j3455e_firmwareceleron_j4005_firmwarepentium_j2900_firmwareceleron_j3060_firmwarepentium_n3700celeron_n2920pentium_n3520_firmwareceleron_n3160_firmwarepentium_n3520celeron_n2815_firmwarepentium_n3700_firmwareceleron_j3060pentium_silver_n6005pentium_j4205_firmwareceleron_n2820_firmwareceleron_j4105_firmwareceleron_n3160celeron_n6211atom_x7-e3950_firmwareceleron_n4020_firmwarepentium_n4200_firmwareceleron_n6210_firmwareceleron_n4505_firmwareceleron_n6211_firmwareceleron_n3060_firmwareceleron_n3010_firmwarepentium_silver_n5000pentium_n3540celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n3350e_firmwareceleron_n3450celeron_n5100celeron_j6413_firmwareceleron_n2805_firmwarepentium_n3710celeron_n4020celeron_j4105celeron_j6412celeron_n2810celeron_j4025_firmwarepentium_n3510_firmwarepentium_silver_j5040_firmwareceleron_j1800celeron_j6412_firmwareceleron_j1900celeron_n2808_firmwareatom_c3000celeron_n4505celeron_j3355_firmwareceleron_j4005atom_x5-e3930celeron_j3355atom_x7-e3950celeron_n2910_firmwarepentium_silver_j5040celeron_n2810_firmwarepentium_j6426_firmwareceleron_j3355eceleron_j4125Intel(R) processors which
CVE-2021-0164
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.65%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11
CVE-2021-0151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:20
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ax1650ax1675_firmwareac_9462ac_8265ac_3165_firmwareac_9560_firmwareac_8265_firmwareac_7265_firmwareax1675ax200ac_3165ac_9461ac_8260ac_9260ax1650_firmwareac_9461_firmwareac_9462_firmwareac_3168ac_9560ax200_firmwareac1550_firmwareac_3168_firmwareax201ax201_firmwareax210_firmwareac_9260_firmwareac1550ac_7265ac_8260_firmwareax210Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found