Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-3698

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2018 | 14:00
Updated At-05 Aug, 2024 | 04:50
Rejected At-
Credits

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2018 | 14:00
Updated At:05 Aug, 2024 | 04:50
Rejected At:
▼CVE Numbering Authority (CNA)

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.

Affected Products
Vendor
Intel CorporationIntel Corporation
Product
Intel Ready Mode Technology
Versions
Affected
  • all versions
Problem Types
TypeCWE IDDescription
textN/AEscalation of Privilege
Type: text
CWE ID: N/A
Description: Escalation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/105995
vdb-entry
x_refsource_BID
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.html
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/105995
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.html
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/105995
vdb-entry
x_refsource_BID
x_transferred
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.html
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/105995
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.html
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2018 | 14:29
Updated At:03 Oct, 2019 | 00:03

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>ready_mode_technology>>*
cpe:2.3:a:intel:ready_mode_technology:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/105995secure@intel.com
Third Party Advisory
VDB Entry
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.htmlsecure@intel.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/105995
Source: secure@intel.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00198.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

372Records found
CVE-2020-24514
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.11% / 30.86%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:48
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_id_f450realsense_id_f455_firmwarerealsense_id_f450_firmwarerealsense_id_f455Intel(R) RealSense(TM) IDs
CWE ID-CWE-287
Improper Authentication
CVE-2022-24297
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.69%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi30l_firmwarenuc11dbbi7_firmwarenuc_9_pro_compute_element_nuc9vxqnb_firmwarenuc_11_pro_kit_nuc11tnki7nuc11pa_firmwarenuc8i3cysnnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_11_compute_element_cm11ebi58w_firmwarenuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_8_compute_element_cm8pcbnuc_8_compute_element_cm8pcb_firmwarelapkc71fnuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_board_nuc11tnbi7nuc_11_compute_element_cm11ebc4w_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnki5nuc_kit_nuc8i5benuc8i3cysmlapbc710nuc_11_pro_kit_nuc11tnhi50znuc_8_compute_element_cm8i3cbnuc8i3cysn_firmwarenuc_kit_nuc8i5be_firmwarenuc11pahnuc_11_pro_board_nuc11tnbi30z_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_compute_element_cm8ccbnuc11dbbi9_firmwarenuc_11_pro_board_nuc11tnbi5nuc_9_pro_compute_element_nuc9v7qnblapbc710_firmwarelapkc51enuc_11_pro_kit_nuc11tnki3nuc_11_pro_kit_nuc11tnki70znuc_8_compute_element_cm8i7cblapkc71f_firmwarenuc_11_enthusiast_kit_nuc11phki7cnuc11panuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50lnuc_8_compute_element_cm8i7cb_firmwarenuc9i9qnnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi50w_firmwarelapbc510_firmwarenuc_11_compute_element_cm11ebi716wnuc_11_pro_kit_nuc11tnki30znuc_kit_nuc8i3b_firmwarenuc11btmi9nuc11btmi7nuc9i7qnnuc9i7qn_firmwarenuc_8_compute_element_cm8i5cb_firmwarenuc_11_compute_element_cm11ebi38w_firmwarenuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi70znuc9i5qn_firmwarenuc_kit_nuc8i7be_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc8i3cysm_firmwarelapkc71e_firmwarenuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnki50z_firmwarenuc11paq_firmwarenuc_11_pro_board_nuc11tnbi3_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_kit_nuc8i3bnuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caanuc11btmi9_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnhi3nuc_11_enthusiast_kit_nuc11phki7c_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_kit_nuc11tnhi7nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_kit_nuc11tnki5_firmwarelapbc510nuc_11_pro_kit_nuc11tnki3_firmwarenuc_8_compute_element_cm8i5cbnuc_11_pro_kit_nuc11tnhi70q_firmwarenuc11pah_firmwarenuc_8_compute_element_cm8i3cb_firmwarelapkc51e_firmwarenuc_11_compute_element_cm11ebi716w_firmwarenuc11paqnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_11_pro_kit_nuc11tnki70z_firmwarenuc_9_pro_kit_nuc9v7qnxnuc_11_compute_element_cm11ebi58wnuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_compute_element_cm11ebc4wnuc11dbbi9nuc11btmi7_firmwarenuc_11_pro_kit_nuc11tnhi50wnuc_kit_nuc8i7benuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_8_compute_element_cm8ccb_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caa_firmwarenuc9i5qnnuc11dbbi7nuc9i9qn_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_9_pro_compute_element_nuc9vxqnblapkc71enuc_11_compute_element_cm11ebi38wIntel(R) NUCs
CVE-2022-21204
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-21174
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CVE-2022-21128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisorIntel(R) Advisor software
CVE-2020-24473
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:01
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_r2312wfqzsserver_system_r1304wftysserver_board_s2600bpsserver_board_s2600bpqrserver_system_r2208wf0zsserver_board_s2600wftcompute_module_hns2600bpb24rserver_system_r2312wftzsrserver_system_r1208wftysserver_board_s2600bpbserver_board_s2600stqrserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r2308wftzsrserver_board_s2600bpqcompute_module_hns2600bps24rserver_system_r1304wftysrserver_board_s2600stbserver_board_s2600wfqserver_system_r2208wfqzsrserver_board_s2600bpsrcompute_module_hns2600bpsrserver_system_r2312wf0npserver_system_r2312wf0nprserver_system_r2224wfqzsserver_board_s2600stbrserver_system_r1208wfqysrserver_system_r2312wftzsserver_board_s2600wfqrserver_board_s2600stqserver_system_r2224wftzscompute_module_hns2600bpqrserver_system_r2208wf0zsrcompute_module_hns2600bpbrserver_system_r2308wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_r2208wftzsrserver_system_r1208wftysrserver_system_r2208wftzsserver_board_s2600bpbrcompute_module_hns2600bpq24rserver_system_r2224wftzsrbaseboard_management_controller_firmwareserver_board_s2600wftrserver_board_s2600wf0Intel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-0560
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 27.50%
||
7 Day CHG~0.00%
Published-08 Feb, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, DH, DP, and DQ Series allows local administrators to execute arbitrary code in System Management Mode (SSM) via unknown attack vectors.

Action-Not Available
Vendor-n/aIntel Corporation
Product-intel_desktop_boardn/a
CVE-2020-24481
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:45
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartusIntel(R) Quartus Prime Pro and Standard edition software
CVE-2020-24456
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:56
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-board_id_toolIntel(R) Board ID Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-3703
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Microsoft CorporationIntel Corporation
Product-windowsssd_data_center_toolIntel(R) SSD Data Center Tool for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12208
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.40% / 59.95%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3645
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-16 Sep, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.

Action-Not Available
Vendor-Intel Corporation
Product-remote_keyboard_mobile_appremote_keyboardIntel Remote Keyboard
CVE-2018-3652
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.14% / 35.42%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Action-Not Available
Vendor-Intel Corporation
Product-xeon_e3_1275_v5xeon_e3_1270_v6xeon_e3_1268l_v5xeon_e3_1501l_v6xeon_e3_1240_v6xeonxeon_e3_1240_v5xeon_e3_1270_v5xeon_e3_1240l_v5xeon_e3_1280_v5xeon_e3_1245_v6xeon_e3_1220_v6xeon_e3_1225_v5xeon_e3_1505m_v5xeon_bronze_3106xeon_e3_1230_v5xeon_e3_1220_v5xeon_e3_1235l_v5xeon_e3_1505l_v5xeon_e3_1501m_v6xeon_e3_1260l_v5xeon_e3_1275_v6xeon_silverxeon_e3_1225_v6xeon_goldxeon_platinumatom_cxeon_bronze_3104xeon_e3_1230_v6xeon_e3_1280_v6xeon_e3xeon_e3_1245_v5xeon_e3_1285_v6xeon_e3_1505l_v6Intel Xeon Processor
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-3667
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.63%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

Action-Not Available
Vendor-Intel Corporation
Product-processor_diagnostic_toolIntel Processor Diagnostic Tool
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2018-3682
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 13.83%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

Action-Not Available
Vendor-Intel Corporation
Product-hns2600tp24strbbs2600bpbr1208wftysr1304wf0yshns2600tprhns7200apr2224wfqzshns2600bpqbbs2600stqs2600tpnrs2600kptrhns2600bpblcr2208wttyc1rr2208wt2ysrbbs2600stbr2208wf0zsr2208wftzsdbs2600cw2rdbs2600cwtrr2312wf0npr2312wttysrs2600stbs2600wtts1rr2224wftzsr1208wt2gsrs2600wt2rhns2600kpfrhns2600kprr1304wttgsrbbs7200apbbs2600bpshns2600bpsr2208wfqzshns2600bpb24bbs7200aplhns2600bps24hns2600tpfrs2600wfohns2600bpq24hns2600bpblc24r2312wfqzss2600wttrr2224wttysrr1208wttgsrhns2600tpnrr1304wt2gsrhns2600bpbs2600tprr1304wftyshns7200aprls2600tptrr2208wttysrs2600stqr2308wftzsdbs2600cwtsrhns7200aprs7200aprhns2600tp24srdbs2600cw2srhns7200aplhns2600tp24rs2600kprbmc_firmwares2600wfqr2308wttysrbbs2600bpqs2600kpfrs2600tpfrs2600wftr2312wftzsIntel Server Boards, Compute Modules and Systems
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-3688
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.68%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_prime_programmer_and_toolsIntel Quartus Prime Programmer and Tools
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3627
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.26% / 49.07%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

Action-Not Available
Vendor-Intel CorporationNetApp, Inc.
Product-xeon_e3_1270_v6xeon_e3_1275_v6xeon_e3_1240_v6element_software_management_nodexeon_e3_1225_v6xeon_e3_1240_v5xeon_e3_1270_v5xeon_e3_1240l_v5xeon_e3_1280_v5xeon_e3_1245_v6xeon_wcore_i7xeon_e3_1220_v6core_i3xeon_e3_1225_v5xeon_e3_1230_v5converged_security_management_engine_firmwarexeon_e3_1220_v5xeon_e3_1230_v6core_i5xeon_e3_1235l_v5core_i9xeon_e3_1245_v5xeon_e3_1280_v6xeon_e3_1285_v6xeon_e3_1260l_v5Intel Converged Security Management Engine (Intel CSME)
CVE-2018-3683
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.68%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_primeIntel Quartus Prime
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3635
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.20%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-rapid_storage_technologyIntel Rapid Store Technology
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-3650
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel Distribution for Python
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3686
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-sa-00086_detection_toolINTEL-SA-00086 Detection Tool
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-3687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.68%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-quartus_ii_programmer_and_toolsIntel Quartus II Programmer and Tools
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3612
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.66%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 22:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

Action-Not Available
Vendor-n/aIntel Corporation
Product-dnkbli30.86agkaplcpx.86arybdwi35.86aayaplcel.86akyskli70.86abnkbl357.86afybyt10h.86asyskli35.86amybdwi30.86accsklm30.86amkkbly35.86adnkbli5v.86amkkbli5v.86abiosccsklm5v.86amybdwi5v.86atybyt10h.86adnkbli7v.86an/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3638
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.45%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-17 Sep, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.

Action-Not Available
Vendor-Intel Corporation
Product-remote_keyboard_mobile_appremote_keyboardIntel Remote Keyboard
CVE-2018-3668
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.54%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-processor_diagnostic_toolIntel Processor Diagnostic Tool
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3659
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.20% / 42.20%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) Platform Trust Technology (PTT)
CVE-2018-3700
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.19%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windows_7usb_3.0_extensible_host_controller_drivern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-3701
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.23%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3643
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.21% / 43.19%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwareIntel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware
CVE-2018-18097
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-solid_state_drive_toolboxIntel Solid State Drive Toolbox
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18095
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 41.12%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 20:31
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in firmware for Intel(R) SSD DC S4500 Series and Intel(R) SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-ssd_dc_s4600_firmwaressd_dc_s4500ssd_dc_s4600ssd_dc_s4500_firmwareIntel(R) SSD DC S4500/S4600 Series
CWE ID-CWE-287
Improper Authentication
CVE-2018-18094
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 17:01
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in installer for Intel(R) Media SDK before 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_sdkIntel(R) Media SDK Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-44454
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11109
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 28.21%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aF5, Inc.Intel Corporation
Product-big-ip_i7800big-ip_10250vbig-ip_i7600big-ip_i10600_firmwarebig-ip_i15800_firmwarebig-ip_i7800_firmwarebig-ip_b4340n_firmwarebig-ip_12250vbig-ip_10150v-n_firmwarebig-ip_application_acceleration_managerbig-ip_fraud_protection_servicebig-ip_10350v-n_firmwarebig-ip_policy_enforcement_managerserver_platform_services_firmwarebig-ip_local_traffic_managerbig-ip_i5800big-ip_application_security_managerbig-ip_i11800big-ip_b4300viprion_2200_firmwarebig-ip_b2250_firmwarebig-ip_i5600_firmwarebig-ip_b4300_firmwarebig-ip_10050s_firmwarebig-ip_access_policy_managerbig-ip_i11600big-ip_i15800big-ip_10350v-nbig-ip_i5800_firmwarebig-ip_10000s_firmwarebig-ip_i5600big-ip_b4340nbig-ip_i15600_firmwarebig-ip_global_traffic_managerbig-ip_b4450nbig-ip_12250v_firmwarebig-ip_analyticsbig-ip_10250v_firmwarebig-ip_10050sbig-ip_i10800big-ip_domain_name_systembig-ip_b4450n_firmwarebig-ip_i10800_firmwarebig-ip_10200v-s_firmwareviprion_2200big-ip_i15600big-ip_link_controllerbig-ip_i10600big-ip_b2250big-ip_i11800_firmwarebig-ip_i7600_firmwarebig-ip_10150v-nbig-ip_10000sbig-ip_i11600_firmwarebig-ip_10200v-sbig-ip_advanced_firewall_managerIntel(R) SPS
CVE-2021-0167
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.69%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset_ac_3165amt_wi-fi_6_ax201proset_ac_9462amt_ac_9560_firmwareproset_ac_8265killer_wi-fi_6_ax1650amt_wi-fi_6_ax201_firmwareproset_ac_3165_firmwareamt_ac_8265_firmwareproset_ac_8260proset_ac_9461_firmwareproset_wi-fi_6_ax201_firmwareproset_wi-fi_6e_ax210proset_wireless_7265_\(rev_d\)_firmwareamt_wi-fi_6_ax210_firmwareproset_wi-fi_6_ax200_firmwarekiller_wi-fi_6_ax1650_firmwareproset_wi-fi_6_ax200proset_ac_9461proset_ac_8260_firmwareamt_wi-fi_6_ax200amt_wi-fi_6_ax210amt_ac_8260_firmwareamt_ac_8260killer_ac_1550_firmwareamt_ac_9260_firmwareproset_ac_8265_firmwareproset_wireless_7265_\(rev_d\)proset_ac_9462_firmwareproset_wi-fi_6_ax201killer_wi-fi_6e_ax1675_firmwareproset_wi-fi_6e_ax210_firmwareproset_ac_9260killer_wi-fi_6e_ax1675proset_ac_9560amt_wi-fi_6_ax200_firmwareamt_ac_9260proset_ac_9260_firmwareamt_ac_8265amt_ac_9560proset_ac_9560_firmwarekiller_ac_1550proset_ac_3168proset_ac_3168_firmwareIntel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11
CVE-2021-33118
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:07
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R) NUC 11 Gen before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-serial_io_driver_for_intel_nuc_11_genIntel(R) Serial IO driver for Intel(R) NUC 11 Gen
CVE-2021-33058
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.36%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:11
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the installer Intel(R)Administrative Tools for Intel(R) Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersversion
CVE-2021-33108
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.23%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-in-band_manageabilityIntel(R) In-Band Manageability software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33071
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:03
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_rendering_toolkitIntel(R) oneAPI Rendering Toolkit
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-33106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:35
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the Safestring library maintained by Intel(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-safestring_libraryIntel(R) Safestring Library
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-33101
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.13%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-33137
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-kernelflingerIntel(R) Kernelflinger project
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-33059
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.23%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:13
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Administrative Tools for Intel(R) Network Adapters driver for Windows before version 1.4.0.15, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersIntel(R) Administrative Tools for Intel(R) Network Adapters
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33080
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.37% / 57.94%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthenticated user to potentially enable information disclosure or escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_ssd_905poptane_ssd_dc_p4800xoptane_ssd_900poptane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4801xoptane_ssd_905p_firmwareoptane_ssd_p5800xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_dc_p4800x_firmwareoptane_ssd_p5800x_firmwareoptane_memory_h10_with_solid_state_storageoptane_memory_h10_with_solid_state_storage_firmwareoptane_ssd_900p_firmwareIntel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2021-33089
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:56
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the software installer for the Intel(R) NUC HDMI Firmware Update Tool for NUC8i3BE, NUC8i5BE, NUC8i7BE before version 1.78.4.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_hdmi_firmware_update_toolnuc_kit_nuc8i3benuc_kit_nuc8i7benuc_kit_nuc8i5beIntel(R) NUC HDMI Firmware Update Tool for NUC8i3BE, NUC8i5BE, NUC8i7BE
CVE-2021-33062
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:10
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the software installer for the Intel(R) VTune(TM) Profiler before version 2021.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-33129
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisorIntel(R) Advisor
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-24515
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.15% / 35.80%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:48
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_id_f450realsense_id_f455_firmwarerealsense_id_f450_firmwarerealsense_id_f455Intel(R) RealSense(TM) IDs
CVE-2020-24489
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.05% / 15.93%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:59
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-core_i5-11600kfceleron_j1750core_i7-11700kfcore_i7-10870hpentium_j2850core_i5-1035g1core_i7-1068ng7core_i5-1038ng7core_i7-11700fpentium_silver_n5030core_i7-1160g7core_i5-1035g7core_i5-11500bcore_i7-10850hcore_i7-1185grecore_i7-11375hceleron_n3350core_i7-1185g7core_i7-1195g7core_i5-11500tcore_i7-10700kcore_i7-1165g7celeron_n3050celeron_j1850celeron_n5095celeron_n6210core_i5-10400fcore_i5-11600kpentium_silver_j5005core_i7-11390hcore_i5-1030g4celeron_j4115core_i7-10700tecore_i3-10300celeron_n3000core_i7-10700tcore_i3-1110g4celeron_n2807core_i5-10500core_i5-10210ucore_i7-11700kceleron_n2815pentium_j3710pentium_j2900core_i5-10200hcore_i7-10710ucore_i7-10700kfdebian_linuxceleron_n2940core_i5-1035g4core_i5-10400hcore_i7-11700celeron_n5105core_i3-10100ypentium_n3530celeron_j3455core_i5-10400tpentium_silver_n6000core_i7-11370hcore_i5-10310ucore_i9-11900tcore_i5-11400hcore_i5-10505core_i7-11700bcore_i9-11900kbcore_i5-1030g7celeron_n4500core_i3-10305celeron_n2820core_i3-1000ng4core_i5-11600tpentium_n6415core_i7-11850hcore_i9-11900core_i3-1000g1core_i7-10510yceleron_j3160core_i9-11900fcore_i3-10110ucore_i7-11800hceleron_n3150celeron_n4100celeron_n2805celeron_n2806core_i9-11980hkcore_i5-10600kceleron_n3060atom_x5-e3940core_i5-10400core_i5-1155g7core_i3-10105fcore_i5-10500tecore_i9-10900kfcore_i3-10105core_i3-11100bpentium_n4200core_i9-11950hcore_i5-11600core_i5-10300hcore_i5-l16g7celeron_n4120core_i5-1130g7celeron_n3350ecore_i3-1120g4core_i9-10980hkcore_i7-1060ng7pentium_silver_a1030core_i7-11700tcore_i5-10310yceleron_n3010core_i7-10510uceleron_n2840pentium_j6426core_i5-10500hcore_i3-10100eceleron_n2808core_i5-1030ng7celeron_j4025celeron_n2910core_i7-1060g7core_i9-10900celeron_n2930core_i9-11900hpentium_j4205core_i5-11320hcore_i7-10810upentium_n3510core_i9-11900kceleron_j6413core_i3-10100tcore_i3-1115grecore_i5-11500hcore_i9-10900ecore_i9-10850kcore_i7-10610ucore_i3-10100fpentium_n3700core_i9-10900kceleron_n2920core_i5-10600core_i9-10900fpentium_n3520core_i5-11260hcore_i7-10700core_i3-1115g4eceleron_j3060pentium_silver_n6005celeron_n3160celeron_n6211core_i3-10100tecore_i9-10910core_i3-10105tcore_i9-10885hcore_i5-11400tcore_i7-10700fcore_i5-11300hpentium_silver_n5000core_i9-11900kfcore_i3-10325celeron_n4000ccore_i3-1125g4core_i5-1145g7pentium_n3540celeron_n4000celeron_j3455eceleron_n2830core_i5-1145g7ecore_i7-10750hpentium_n4200ecore_i3-10320core_i9-10900tcore_i3-1000g4core_i7-10875hcore_i3-10300tceleron_n3450celeron_n5100core_i5-11500core_i5-1135g7pentium_n3710celeron_n4020celeron_j4105celeron_j6412core_i3-l13g4core_i3-10100celeron_n2810celeron_j1800celeron_j1900core_i3-1115g4core_i5-10500tceleron_n4505core_i7-1185g7ecore_i5-10210ycore_i5-1140g7core_i3-1005g1celeron_j4005celeron_n4020ccore_i5-10500eatom_x5-e3930celeron_j3355atom_x7-e3950core_i3-10305tcore_i5-11400core_i5-10600tcore_i7-1065g7core_i3-10110ypentium_silver_j5040core_i5-10600kfcore_i5-11400fcore_i9-10900tecore_i7-10700eceleron_j3355ecore_i5-1145grecore_i7-1180g7celeron_j4125Intel(R) VT-d products
CWE ID-CWE-459
Incomplete Cleanup
CVE-2020-24450
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:47
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found