Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-0131

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-18 Dec, 2019 | 21:08
Updated At-04 Aug, 2024 | 17:44
Rejected At-
Credits

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:18 Dec, 2019 | 21:08
Updated At:04 Aug, 2024 | 17:44
Rejected At:
▼CVE Numbering Authority (CNA)

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

Affected Products
Vendor
n/a
Product
Intel(R) AMT
Versions
Affected
  • See provided reference
Problem Types
TypeCWE IDDescription
textN/ADenial of Service, Information Disclosure
Type: text
CWE ID: N/A
Description: Denial of Service, Information Disclosure
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:18 Dec, 2019 | 22:15
Updated At:02 Jan, 2020 | 18:33

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.1HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary2.04.8MEDIUM
AV:A/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.8
Base severity: MEDIUM
Vector:
AV:A/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Intel Corporation
intel
>>active_management_technology_firmware>>Versions from 11.0(inclusive) to 11.8.70(exclusive)
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>active_management_technology_firmware>>Versions from 11.10(inclusive) to 11.11.70(exclusive)
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>active_management_technology_firmware>>Versions from 11.20(inclusive) to 11.22.70(exclusive)
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>active_management_technology_firmware>>Versions from 12.0(inclusive) to 12.0.45(exclusive)
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

265Records found
CVE-2019-11100
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 50.84%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11103
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.70%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11114
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.00%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11123
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.84%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stck1a32wfccompute_stick_firmwarecompute_card_cd1iv128mkcompute_card_firmwarenuc_kit_nuc8i3bexnuc_kit_firmwarecompute_card_cd1c64gkcompute_stick_stck1a8lfccompute_card_cd1m3128mkcompute_stick_stk2m364cccompute_card_cd1p64gkcompute_stick_stk2m3w64ccIntel(R) NUC Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11102
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 34.27%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dynamic_application_loadertrusted_execution_engine_firmwareIntel(R) DAL software for Intel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11107
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.64%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11180
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.90% / 75.50%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0165
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.13% / 33.19%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0115
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.50%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driverIntel(R) Graphics Driver KMD module
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0092
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.06% / 17.69%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0147
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:23
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0166
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.93% / 75.88%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0157
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.13%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel Corporation
Product-software_guard_extensions_data_center_attestation_primitiveslinux_kernelsoftware_guard_extensionsIntel(R) SGX for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0168
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 34.27%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2023-36860
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.22% / 44.56%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0097
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.30% / 52.85%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0149
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 35.10%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:24
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3634
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.19%
||
7 Day CHG~0.00%
Published-15 May, 2018 | 14:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-online_connect_accessOnline Connect Access
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3611
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.38% / 58.87%
||
7 Day CHG~0.00%
Published-15 May, 2018 | 14:00
Updated-16 Sep, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3650
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.88%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel Distribution for Python
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5695
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 14.51%
||
7 Day CHG~0.00%
Published-09 Aug, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-Intel Corporation
Product-ssd_540s_2.5\"_firmwaressd_540s_2.5\"ssd_pro_5400s_m.2_firmwaressd_e_5400s_2.5\"ssd_540s_series_m.2_firmwaressd_pro_5400s_2.5\"ssd_pro_5400s_2.5\"_firmwaressd_dc_s3100_firmwaressd_pro_5400s_m.2ssd_dc_s3100ssd_e_5400s_m.2_firmwaressd_e_5400s_m.2ssd_540s_m.2ssd_e_5400s_2.5\"_firmwareSolid-State Drive Consumer, Professional, Embedded, Data Center
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5699
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.74%
||
7 Day CHG~0.00%
Published-18 Jan, 2018 | 02:00
Updated-16 Sep, 2024 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.

Action-Not Available
Vendor-Intel Corporation
Product-minnowboard_3_firmwareminnowboard_3MinnowBoard 3
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5721
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-3.99% / 88.23%
||
7 Day CHG~0.00%
Published-11 Oct, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.

Action-Not Available
Vendor-Intel Corporation
Product-nuc7i3bnhnuc7i3bnk_firmwarenuc7i3bnh_firmwarenuc7i3bnknuc7i7bnh_firmwarenuc7i7bnhnuc7i5bnknuc7i5bnh_firmwarenuc7i5bnhnuc7i5bnk_firmwareNUC Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14566
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.41%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:46
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Action-Not Available
Vendor-Linux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowssoftware_guard_extensions_sdklinux_kernel2019.2 IPU – Intel(R) SGX
CWE ID-CWE-20
Improper Input Validation
CVE-2022-37336
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.03% / 6.73%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 13:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_10_performance_kit_nuc10i3fnhfnuc_10_performance_kit_nuc10i5fnhj_firmwarenuc_10_performance_kit_nuc10i3fnk_firmwarenuc_10_performance_kit_nuc10i7fnh_firmwarenuc_10_performance_kit_nuc10i7fnkn_firmwarenuc_10_performance_kit_nuc10i7fnhc_firmwarenuc_10_performance_mini_pc_nuc10i3fnhja_firmwarenuc_10_performance_kit_nuc10i7fnhnuc_10_performance_kit_nuc10i5fnhf_firmwarenuc_10_performance_mini_pc_nuc10i5fnhcanuc_10_performance_kit_nuc10i5fnhnuc_10_performance_kit_nuc10i7fnk_firmwarenuc_10_performance_kit_nuc10i5fnk_firmwarenuc_10_performance_kit_nuc10i3fnknuc_10_performance_kit_nuc10i7fnhnnuc_10_performance_mini_pc_nuc10i5fnkpanuc_10_performance_kit_nuc10i7fnknnuc_10_performance_kit_nuc10i5fnhjnuc_10_performance_mini_pc_nuc10i7fnhaanuc_10_performance_kit_nuc10i5fnh_firmwarenuc_10_performance_kit_nuc10i5fnhfnuc_10_performance_kit_nuc10i5fnkp_firmwarenuc_10_performance_kit_nuc10i5fnkpnuc_10_performance_kit_nuc10i5fnhnnuc_10_performance_mini_pc_nuc10i7fnkpa_firmwarenuc_10_performance_kit_nuc10i3fnhnuc_10_performance_mini_pc_nuc10i7fnhja_firmwarenuc_10_performance_mini_pc_nuc10i7fnkpanuc_10_performance_kit_nuc10i3fnhn_firmwarenuc_10_performance_mini_pc_nuc10i5fnhca_firmwarenuc_10_performance_mini_pc_nuc10i3fnhjanuc_10_performance_kit_nuc10i5fnknuc_10_performance_kit_nuc10i7fnkpnuc_10_performance_kit_nuc10i3fnhnnuc_10_performance_mini_pc_nuc10i7fnhjanuc_10_performance_kit_nuc10i7fnkp_firmwarenuc_10_performance_kit_nuc10i3fnhf_firmwarenuc_10_performance_mini_pc_nuc10i3fnhfa_firmwarenuc_10_performance_kit_nuc10i7fnhcnuc_10_performance_mini_pc_nuc10i7fnhaa_firmwarenuc_10_performance_kit_nuc10i7fnhn_firmwarenuc_10_performance_kit_nuc10i3fnh_firmwarenuc_10_performance_kit_nuc10i7fnknuc_10_performance_mini_pc_nuc10i5fnhjanuc_10_performance_mini_pc_nuc10i5fnkpa_firmwarenuc_10_performance_kit_nuc10i5fnknnuc_10_performance_mini_pc_nuc10i3fnhfanuc_10_performance_kit_nuc10i3fnkn_firmwarenuc_10_performance_mini_pc_nuc10i5fnhja_firmwarenuc_10_performance_kit_nuc10i5fnkn_firmwarenuc_10_performance_kit_nuc10i5fnhn_firmwarenuc_10_performance_kit_nuc10i3fnknIntel(R) NUC
CWE ID-CWE-20
Improper Input Validation
CVE-2022-37327
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 16.62%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element, Intel(R) NUC Extreme, Intel(R) NUC 12 Extreme Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Enthusiast, Intel(R) NUC Essential, Intel(R) NUC Laptop Kit, Intel(R) NUC Extreme Compute Element, Intel(R) NUC Boards, Intel(R) NUC Pro Compute Element, Intel(R) NUC Rugged may allow a privileged user to enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-laprc510_firmwarenuc10i7fnhaa_firmwarecm8i3cb4nnuc12wski7nuc10i7fnk_firmwarenuc12wshi5elm12hbcnuc11tnhi3elm12hbc_firmwarenuc8cchbnuc11tnbi3elm12hbi5nuc11tnhi50z_firmwarenuc10i3fnhfnuc10i5fnhnnuc11tnki3_firmwarelapkc71f_firmwarenuc9vxqnx_firmwarenuc12wshi50z_firmwarenuc10i7fnhcnuc11tnbi5_firmwarenuc10i5fnknuc8i3pnh_firmwarenuc10i3fnkn_firmwarenuc11tnhi70qnuc11tnhi50w_firmwarenuc8cchkrn_firmwarenuc10i3fnhnuc11tnbi50z_firmwarelaprc710nuc10i5fnhjnuc10i3fnklapac71gnuc11atkpenuc11tnki70z_firmwarenuc9v7qnx_firmwarenuc12wski7_firmwarenuc12wsbi50z_firmwarenuc9vxqnxnuc11atkc4nuc11tnhi70z_firmwarenuc11atkpe_firmwarenuc10i5fnkpanuc10i3fnk_firmwarenuc10i5fnh_firmwarenuc12wski70znuc11tnhi50znuc12wsbi70zcm8i3cb4n_firmwarenuc10i3fnhnnuc8cchb_firmwarenuc11tnhi50lcm8ccb4r_firmwarenuc11tnki7nuc12wshi3_firmwarenuc11tnki30z_firmwarecm11ebc4w_firmwarenuc9vxqnbnuc11atkc4_firmwarelapbc710cm11ebi58w_firmwarecm11ebc4wnuc11btmi9nuc11tnbi70znuc12edbi7_firmwarenuc11tnhi3_firmwarenuc12wshi70zelm12hbi3_firmwarenuc11tnki7_firmwarenuc11tnbi5laprc710_firmwarenuc12wshi50znuc11tnhi70l_firmwarenuc11tnbi30z_firmwarenuc12wshi3nuc10i3fnhfanuc10i5fnhj_firmwarenuc10i7fnkn_firmwarenuc12wsbi3_firmwarenuc12wshi30lnuc12wshi30z_firmwarenuc12snki72vanuc11tnhi5nuc8cchkrnnuc10i7fnknnuc12wsbi70z_firmwarenuc12wski70z_firmwarenuc11atbc4_firmwarenuc12wsbi30znuc8i3pnb_firmwarenuc8i3pnbnuc12wsbi3nuc8cchkrnuc10i3fnhfa_firmwarenuc12wshi7cm11ebi38w_firmwarenuc11tnhi70lnuc10i5fnhf_firmwarenuc8i3pnhnuc11tnbi3_firmwareelm12hbi5_firmwarenuc10i5fnk_firmwarenuc11tnki50znuc11tnki70znuc8cchbnnuc11tnbi50znuc10i7fnknuc12dcmi7nuc11tnhi30p_firmwarenuc10i7fnhn_firmwarenuc11tnhi30llapbc710_firmwarelapkc51enuc8cchkr_firmwarenuc10i3fnhn_firmwarecm8ccb4rnuc10i5fnkn_firmwarelapkc71e_firmwareelm12hbi7_firmwarenuc12wski30znuc10i3fnhjanuc10i5fnhjanuc10i7fnhja_firmwarenuc12wsbi30z_firmwarecm8i5cb8nnuc12wshi5_firmwarenuc12wski5_firmwarenuc11atbc4nuc11dbbi7_firmwarenuc9vxqnb_firmwarenuc9v7qnbcm8pcb4r_firmwarenuc10i7fnhc_firmwarenuc8i3pnk_firmwarenuc12snki72va_firmwarelapbc510nuc10i3fnhja_firmwarenuc12edbi7lapac71h_firmwarenuc12wsbi50znuc11tnki50z_firmwarenuc11dbbi7cm8i5cb8n_firmwarenuc12dcmi9_firmwarenuc12wski5elm12hbi7lapac71hnuc10i5fnhja_firmwarenuc10i7fnkpanuc10i7fnh_firmwarenuc12wski50z_firmwarenuc11tnbi7nuc10i5fnkpnuc10i7fnhnnuc12wski3_firmwarecm8pcb4rnuc10i5fnkpa_firmwarenuc11dbbi9nuc11phki7caa_firmwarenuc8i3pnknuc11tnki5_firmwarenuc11tnbi30znuc12snki72_firmwareelm12hbi3nuc11tnki30zcm8i7cb8n_firmwarelaprc510cm11ebi38wnuc12wshi70z_firmwarenuc10i7fnhjacm8i7cb8nnuc12wsbi5_firmwarenuc10i7fnkpa_firmwarenuc12wski3nuc11tnbi7_firmwarenuc11tnhi70znuc12wshi30l_firmwarenuc12dcmi9nuc11tnhi5_firmwarenuc11tnbi70z_firmwarelapkc71flapkc51e_firmwarenuc11tnhi30pnuc11tnhi70q_firmwarecm11ebi716wnuc11tnki5nuc9v7qnb_firmwarenuc10i5fnhfnuc8cchbn_firmwarenuc11atkc2_firmwarelapbc510_firmwarenuc12snki72nuc12edbi9_firmwarenuc11phki7c_firmwarenuc11tnhi50wnuc11tnhi7cm11ebi716w_firmwarenuc10i5fnhnuc12edbi9nuc12wsbi5nuc10i5fnhca_firmwarenuc10i5fnkncm11ebi58wnuc11dbbi9_firmwarenuc11atkc2nuc11tnhi30znuc10i5fnkp_firmwarenuc10i7fnhnuc11tnhi50l_firmwarenuc9v7qnxlapac71g_firmwarenuc12dcmi7_firmwarenuc10i3fnknnuc10i7fnhaalapkc71enuc10i5fnhn_firmwarenuc11phki7cnuc12wski30z_firmwarenuc11tnhi30l_firmwarenuc10i7fnkpnuc12wski50znuc11tnhi7_firmwarenuc12wshi30znuc11tnki3nuc10i3fnhf_firmwarenuc10i7fnkp_firmwarenuc11btmi7_firmwarenuc11phki7caanuc10i5fnhcanuc10i3fnh_firmwarenuc11btmi9_firmwarenuc11tnhi30z_firmwarenuc12wshi7_firmwarenuc11btmi7Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element, Intel(R) NUC Extreme, Intel(R) NUC 12 Extreme Compute Element, Intel(R) NUC Laptop Kit, Intel(R) NUC Enthusiast, Intel(R) NUC Essential, Intel(R) NUC Laptop Kit, Intel(R) NUC Extreme Compute Element, Intel(R) NUC Boards, Intel(R) NUC Pro Compute Element, Intel(R) NUC Rugged
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11128
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.07%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stck1a32wfccompute_stick_firmwarecompute_card_cd1iv128mkcompute_card_firmwarenuc_kit_nuc8i3bexnuc_kit_firmwarecompute_card_cd1c64gkcompute_stick_stck1a8lfccompute_card_cd1m3128mkcompute_stick_stk2m364cccompute_card_cd1p64gkcompute_stick_stk2m3w64ccIntel(R) NUC Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11108
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.65%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:10
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.41%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_dn2820fykhnuc_kit_d54250wybnuc_kit_nuc7cjyhnuc_kit_nuc5i7ryhnuc_kit_nuc6i7kyknuc_kit_de3815tybenuc_kit_nuc8i7hnknuc_kit_nuc5cpyhnuc_kit_nuc7i7bnhnuc_kit_d33217gkenuc_kit_nuc6caysnuc_kit_nuc5pgyhnuc_kit_nuc5i5myhenuc_kit_d53427rkenuc_kit_nuc7i3dnhenuc_kit_nuc6i5syhnuc_kit_nuc7i5dnkenuc_kit_firmwarenuc_kit_nuc5i3myhenuc_kit_nuc7i7dnkeIntel (R) NUC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11175
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 75.11%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:37
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11179
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 59.42%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 23.36%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34983
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 14.57%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesskillerwi-fi_6_ax201wi-fi_6e_ax211killer_wi-fi_6e_ax1675wi-fi_6e_ax210wi-fi_6_ax200wi-fi_6e_ax411killer_wi-fi_6_ax1650Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34431
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 17.75%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bps24compute_module_hns2600bpblc24rserver_board_s2600bpsserver_board_s2600bpqrcompute_module_hns2600bps_firmwarecompute_module_hns2600bpq24_firmwarecompute_module_hns2600bpq_firmwarecompute_module_hns2600bpblc24_firmwareserver_board_s2600bpqr_firmwareserver_system_vrn2224bphy6compute_module_hns2600bpq24r_firmwarecompute_module_hns2600bps24rcompute_module_hns2600bpbserver_board_s2600bpb_firmwarecompute_module_hns2600bpsrcompute_module_liquid-cooled_hns2600bpbrctserver_system_m70klp4s2uhhserver_system_vrn2224bphy6_firmwarecompute_module_hns2600bpblc_firmwarecompute_module_hns2600bpblcrcompute_module_hns2600bpbr_firmwareserver_system_m20ntp1ur304server_system_vrn2224bpaf6compute_module_hns2600bpqrcompute_module_hns2600bpbrserver_system_vrn2224bpaf6_firmwarecompute_module_hns2600bpb_firmwareserver_board_m20ntp2sbserver_board_m10jnp2sb_firmwareserver_board_s2600bpbrserver_system_m70klp4s2uhh_firmwareserver_board_m70klp2sbcompute_module_hns2600bps24_firmwarecompute_module_hns2600bps24r_firmwareserver_system_zsb2224bpaf2compute_module_hns2600bpsr_firmwarecompute_module_hns2600bpb24_firmwareserver_system_mcb2208wfaf5_firmwarecompute_module_liquid-cooled_hns2600bpbrct_firmwareserver_board_s2600bpbr_firmwarecompute_module_hns2600bpqcompute_module_hns2600bpblcr_firmwareserver_board_s2600bpbcompute_module_hns2600bpblc24server_system_zsb2224bphy1_firmwareserver_system_m20ntp1ur304_firmwareserver_board_m70klp2sb_firmwarecompute_module_hns2600bpblc24r_firmwareserver_board_s2600bpqserver_board_m10jnp2sbserver_system_zsb2224bpaf1server_board_s2600bpq_firmwarecompute_module_hns2600bpblcserver_system_zsb2224bpaf1_firmwareserver_board_s2600bpsrcompute_module_hns2600bpqr_firmwareserver_board_s2600bps_firmwarecompute_module_hns2600bpsserver_board_s2600bpsr_firmwarecompute_module_hns2600bpb24server_system_zsb2224bphy1server_system_zsb2224bpaf2_firmwarecompute_module_hns2600bpq24rcompute_module_hns2600bpq24server_board_m20ntp2sb_firmwareserver_system_mcb2208wfaf5Intel(R) Server Board BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36392
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.6||HIGH
EPSS-0.11% / 30.08%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-z370core_i7-8705gcore_i7-8665uz270core_i3-8300tw480core_i7-8706gh420ehm170z170cm246x299core_i5-8500bhm570core_i5-8400hcore_i5-8269ucore_i7-8700core_i5-8400wm490core_i7-8086kceleron_4305ucore_i5-8257ucore_i7-8700kq570q670eh370converged_security_management_engine_firmwareq150h670core_i3-8145uceleron_4205ucore_i5-8279uw480ecore_i3-8109ucore_i7-8565uc246core_i5-8250ucm236b365hm370hm175core_i5-8259uqm170hm470r680eceleron_4305uecore_i5-8400bcore_i3-8140ucore_m3-8100ycore_i3-8100hhm670q170b460h110core_i5-8350uw580q270c236core_i5-8600hm570ecore_i7-8550ucore_i5-8500tcore_i5-8260ucore_i3-8100c422qm175h410h570b250core_i9-8950hkcore_i7-8850hqm480w680core_i7-8500yh270core_i5-8600kq470b360core_i5-8400tcore_i7-8750hqm580core_i5-8365ucore_i7\+8700b150h510core_i5-8210yrm590ecore_i5-8365uecore_i7-8665uez690q470ecore_i3-8300core_i5-8200ywm690core_i5-8310yqm580eq370core_i7-8809gh610core_i3-8145uecore_i5-8500qm370core_i7-8700bcore_i7-8709gb560core_i7-8569uq250z490core_i5-8265ucore_i3-8100tz590q670h610eh170pentium_gold_5405uh310wm590core_i7-8557ub660core_i3-8100bcore_i7-8700tcore_i3-8350kcore_i5-8300hc232core_i5-8600tcore_i5-8305gcm238core_i7-8559ucore_i7-8650uz390c420core_i3-8130uh470c242Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSMEintel_and_intel_standard_manageability_in_intel_csme
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36339
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.69%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-cm11ebi58w_firmwarecm8i3cb4ncm11ebc4wcm11ebi38w_firmwarecm8pcb4r_firmwareelm12hbccm8pcb4relm12hbc_firmwareelm12hbi5_firmwareelm12hbi3_firmwarecm11ebi716welm12hbi5elm12hbi3cm8i3cb4n_firmwarecm11ebi716w_firmwarecm8i7cb8n_firmwarecm8i5cb8n_firmwarecm11ebi38wcm8ccb4r_firmwarecm8ccb4rcm8i7cb8nelm12hbi7_firmwareelm12hbi7cm11ebi58wcm11ebc4w_firmwarecm8i5cb8nIntel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3612
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.78%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 22:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

Action-Not Available
Vendor-n/aIntel Corporation
Product-dnkbli30.86agkaplcpx.86arybdwi35.86aayaplcel.86akyskli70.86abnkbl357.86afybyt10h.86asyskli35.86amybdwi30.86accsklm30.86amkkbly35.86adnkbli5v.86amkkbli5v.86abiosccsklm5v.86amybdwi5v.86atybyt10h.86adnkbli7v.86an/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3268
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.75% / 92.38%
||
7 Day CHG~0.00%
Published-22 Dec, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft CorporationSymantec Corporation
Product-windows_2000intel_alert_management_systemendpoint_protectionantivirusn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36351
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.09% / 24.77%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-killer_wi-fi_6e_ax1690wi-fi_6_ax203debian_linuxfedorakillerwi-fi_6_ax201wi-fi_6e_ax211killer_wi-fi_6e_ax1675wi-fi_6e_ax210wi-fi_6_ax200wi-fi_6e_ax411killer_wi-fi_6_ax1650wi-fi_6_ax101uefi_firmwareproset\/wireless_wifiIntel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-41167
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.33%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:10
Updated-19 Nov, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-m10jnp2sb_firmwarem10jnp2sbIntel(R) Server Board M10JNP2SB Familym10jnp2sb_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-39811
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.19%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:10
Updated-15 Nov, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Server M20NTP Family UEFIm20ntp_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34086
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.03% / 10.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-09 Oct, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_nuc7i3bnhx1nuc_kit_nuc7i5bnkp_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchbnnuc_board_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnkpnuc_rugged_kit_nuc8cchkrnuc_mini_pc_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i3bnhx1nuc_kit_nuc7i5bnbnuc_kit_nuc7i3bnhxfnuc_kit_nuc7i5bnhnuc_board_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i7bnh_firmwarenuc_enthusiast_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_board_nuc7i3bnb_firmwarenuc_enthusiast_nuc7i5bnkpnuc_board_nuc7i5bnhnuc_enthusiast_nuc7i5bnkp_firmwarenuc_board_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i7bnh_firmwarenuc_kit_nuc7i7bnhnuc_board_nuc7i5bnh_firmwarenuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_board_nuc7i5bnhx1_firmwarenuc_board_nuc7i7bnhx1nuc_rugged_kit_nuc8cchbn_firmwarenuc_board_nuc7i7bnb_firmwarenuc_board_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i7bnkq_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i5bnh_firmwarenuc_board_nuc7i7bnhx1_firmwarenuc_mini_pc_nuc7i5bnbnuc_mini_pc_nuc7i7bnbnuc_enthusiast_nuc7i3bnhxf_firmwarenuc_kit_nuc7i5bnhxfnuc_rugged_kit_nuc8cchkr_firmwarenuc_enthusiast_nuc7i3bnh_firmwarenuc_mini_pc_nuc7i5bnhcompute_element_stk2mv64ccnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i7bnhxgnuc_board_nuc7i3bnhxfnuc_kit_nuc7i5bnhx1_firmwarenuc_board_nuc7i5bnhxfnuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_enthusiast_nuc7i3bnhnuc_mini_pc_nuc7i3bnhnuc_enthusiast_nuc7i7bnbnuc_board_nuc7i5bnkp_firmwarenuc_enthusiast_nuc7i7bnhx1nuc_kit_nuc6cays_firmwarenuc_kit_nuc7i7bnkqnuc_mini_pc_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnbnuc_kit_nuc7i5bnkpnuc_board_nuc7i7bnhnuc_kit_nuc7i3bnbnuc_mini_pc_nuc7i3bnbnuc_enthusiast_nuc7i3bnb_firmwarenuc_mini_pc_nuc7i7bnkqnuc_enthusiast_nuc7i7bnb_firmwarenuc_enthusiast_nuc7i7bnkqnuc_mini_pc_nuc7i5bnhxfnuc_kit_nuc7i3bnhxf_firmwarenuc_rugged_kit_nuc8cchkrnnuc_enthusiast_nuc7i5bnk_firmwarenuc_board_nuc7i3bnhnuc_enthusiast_nuc7i3bnbnuc_enthusiast_nuc7i7bnhxgnuc_enthusiast_nuc7i5bnhxfnuc_board_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhxgnuc_kit_nuc7i5bnhx1nuc_mini_pc_nuc7i3bnh_firmwarenuc_enthusiast_nuc7i5bnbnuc_board_nuc7i5bnkpnuc_enthusiast_nuc7i5bnb_firmwarecompute_element_stk2mv64cc_firmwarenuc_mini_pc_nuc7i3bnhx1nuc_board_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnb_firmwarenuc_kit_nuc7i7bnb_firmwarenuc_board_nuc7i3bnhxf_firmwarenuc_mini_pc_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i5bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1_firmwarenuc_kit_nuc6caysnuc_mini_pc_nuc7i5bnknuc_enthusiast_nuc7i5bnknuc_kit_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i5bnhx1_firmwarenuc_mini_pc_nuc7i7bnb_firmwarenuc_mini_pc_nuc7i5bnkp_firmwarenuc_rugged_kit_nuc8cchbnuc_kit_nuc6cayhnuc_enthusiast_nuc7i3bnknuc_board_nuc7i3bnbnuc_board_nuc7i7bnhxgnuc_kit_nuc7i7bnhxg_firmwarenuc_board_nuc7i3bnknuc_kit_nuc7i5bnhxf_firmwarenuc_mini_pc_nuc7i7bnhx1nuc_kit_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhnuc_enthusiast_nuc7i5bnhnuc_enthusiast_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhx1_firmwarenuc_kit_nuc7i7bnhx1_firmwarenuc_enthusiast_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchb_firmwarenuc_board_nuc7i7bnkqnuc_board_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i3bnb_firmwarenuc_board_nuc7i5bnhx1nuc_kit_nuc7i7bnkq_firmwarenuc_mini_pc_nuc7i7bnhx1_firmwarenuc_board_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhnuc_rugged_kit_nuc8cchkrn_firmwarenuc_mini_pc_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i3bnknuc_board_nuc7i5bnknuc_kit_nuc7i5bnb_firmwarenuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbIntel(R) NUC BIOS firmwarebios
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36482
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.11% / 29.04%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP softwarecip_software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36282
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.08% / 24.04%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-15 Nov, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Server Board S2600ST Family BIOS and Firmware Update softwareserver_board_s2600st_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32641
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.09% / 26.00%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32617
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.03% / 10.18%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_7_home_nuc7i3bnhxfnuc_board_nuc7i3bnbnuc_7_home_nuc7i3bnhxf_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_board_nuc8cchbnuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc7i7bnhx1_firmwarecompute_stick_stk2mv64cc_firmwarenuc_7_enthusiast_nuc7i7bnkq_firmwarenuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc7i5bnhx1nuc_kit_nuc6cayh_firmwarenuc_7_home_nuc7i5bnkpnuc_7_enthusiast_nuc7i7bnhxg_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_board_nuc8cchb_firmwarenuc_7_home_nuc7i5bnhxfnuc_8_rugged_board_nuc8cchbn_firmwarenuc_kit_nuc7i5bnhnuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_kit_nuc6cays_firmwarenuc_board_nuc7i5bnb_firmwarenuc_board_nuc7i3bnb_firmwarenuc_7_home_nuc7i5bnkp_firmwarenuc_7_enthusiast_nuc7i7bnhxgnuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_7_home_nuc7i5bnhxf_firmwarecompute_stick_stk2mv64ccnuc_kit_nuc6caysnuc_kit_nuc7i7bnh_firmwarenuc_8_rugged_board_nuc8cchbnnuc_board_nuc7i7bnb_firmwarenuc_8_rugged_kit_nuc8cchkrnnuc_7_enthusiast_nuc7i7bnkqnuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbnuc_kit_nuc6cayhIntel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29494
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 10.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-18 Oct, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/abios_firmwareIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_kit_nuc11tnki70znuc_11_pro_kit_nuc11tnki3_firmwarenuc_11_pro_kit_nuc11tnhi3nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_board_nuc11tnbi30z_firmwarenuc_11_pro_board_nuc11tnbi5nuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_11_pro_kit_nuc11tnki30znuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnki5_firmwarenuc_11_pro_kit_nuc11tnhi70znuc_11_pro_kit_nuc11tnhi50wnuc_11_pro_kit_nuc11tnki50z_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnhi70q_firmwarenuc_11_pro_kit_nuc11tnki5nuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_11_pro_kit_nuc11tnhi7nuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnhi50lnuc_11_pro_kit_nuc11tnki7nuc_11_pro_board_nuc11tnbi7nuc_11_pro_kit_nuc11tnhi50w_firmwarenuc_11_pro_kit_nuc11tnhi30l_firmwarenuc_11_pro_kit_nuc11tnki3nuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50znuc_11_pro_kit_nuc11tnki70z_firmwarenuc_11_pro_board_nuc11tnbi3_firmwareIntel(R) NUCsintel_r_nucs
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28738
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.67%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-21 Oct, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7cjyhn_firmwarenuc_kit_nuc7cjysalnuc_kit_nuc7cjyhnuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7cjyhnnuc_kit_nuc7pjyh_firmwarenuc_kit_nuc7cjysal_firmwarenuc_kit_nuc7pjyhn_firmwarenuc_kit_nuc7pjyhnnuc_7_essential_nuc7cjysamnnuc_kit_nuc7pjyhnuc_7_essential_nuc7cjysamn_firmwareIntel NUC BIOS firmwareintel_nuc_bios_firmware
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29495
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.21%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-09 May, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_mainstream-g_kit_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28402
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.20%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-21 Aug, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) BIOS Guard firmwarecomet_lake
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found