Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-0171

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-17 May, 2019 | 15:41
Updated At-04 Aug, 2024 | 17:44
Rejected At-
Credits

Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:17 May, 2019 | 15:41
Updated At:04 Aug, 2024 | 17:44
Rejected At:
▼CVE Numbering Authority (CNA)

Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Quartus(R)
Versions
Affected
  • Intel(R) Quartus(R) Prime all versions 15.1 to 18.1, and Intel(R) Quartus(R) II versions 9.1 to 15.0.
Problem Types
TypeCWE IDDescription
textN/AEscalation of Privilege
Type: text
CWE ID: N/A
Description: Escalation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html
x_refsource_MISC
https://support.f5.com/csp/article/K33245306
x_refsource_CONFIRM
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html
Resource:
x_refsource_MISC
Hyperlink: https://support.f5.com/csp/article/K33245306
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html
x_refsource_MISC
x_transferred
https://support.f5.com/csp/article/K33245306
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://support.f5.com/csp/article/K33245306
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:17 May, 2019 | 16:29
Updated At:24 Aug, 2020 | 17:37

Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>quartus_ii>>Versions from 9.1(inclusive) to 15.0(inclusive)
cpe:2.3:a:intel:quartus_ii:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>quartus_prime>>Versions from 15.1(inclusive) to 18.1(inclusive)
cpe:2.3:a:intel:quartus_prime:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-732Primarynvd@nist.gov
CWE ID: CWE-732
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.f5.com/csp/article/K33245306secure@intel.com
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.htmlsecure@intel.com
Patch
Vendor Advisory
Hyperlink: https://support.f5.com/csp/article/K33245306
Source: secure@intel.com
Resource:
Third Party Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

561Records found
CVE-2018-12148
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.52%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.

Action-Not Available
Vendor-Intel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12131
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 14:00
Updated-17 Sep, 2024 | 02:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-client_nvmedatacenter_nvmerapid_storage_technologyIntel NVMe and Intel RSTe
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12200
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.91%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-capability_licensing_serviceIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12162
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.97%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-openvino_toolkitIntel(R) OpenVINO(TM) Toolkit for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-24525
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:16
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0102
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel Unite(R) Client for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0077
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:09
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0109
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:36
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk1a32sccompute_stick_stk1a32sc_firmwareIntel(R) SOC driver package for STK1A32SC
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0056
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510_firmwarelapbc510lapbc710lapbc710_firmwareIntel(R) NUC M15 Laptop Kit Driver Pack software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0064
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:18
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ac_8265ac_9462ac_3165_firmwareac_9560_firmwareac_8265_firmwareax200ac_3165ac_9461ac_8260ac_9260ac_9461_firmwareac_9462_firmwareac_3168ac_9560ax200_firmware7265_firmwareac_3168_firmwareax201ax210_firmwareax201_firmwareac_9260_firmwareac_8260_firmwareax2107265Intel(R) PROSet/Wireless WiFi software installer for Windows 10
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-0055
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:02
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapqc71alapqc71dlapqc71c_firmwarelapqc71clapqc71d_firmwarelapqc71blapqc71a_firmwarelapqc71b_firmwareIntel(R) NUC 9 Extreme Laptop Kit LAN Drivers
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-8731
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.04% / 11.97%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:26
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-12302
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-05 Oct, 2020 | 13:46
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11166
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.23%
||
7 Day CHG~0.00%
Published-16 Sep, 2019 | 15:58
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-easy_streaming_wizardIntel(R) Easy Streaming Wizard Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12168
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.52%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.

Action-Not Available
Vendor-Intel Corporation
Product-computing_improvement_programIntel(R) Computing Improvement Program
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0559
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.69%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:27
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-celeron_n3010celeron_j1750windows_8.1celeron_n2840ac_3165_firmwareac_9560_firmwarepentium_j6426ac_8265_firmwareceleron_n2808pentium_j2850celeron_j4025celeron_n2910pentium_j4205celeron_n2930pentium_n3510celeron_j6413celeron_n3350ac_3168_firmwareceleron_n3050ac_9260_firmwareceleron_j1850celeron_n6210ac_8260_firmwarepentium_n3700celeron_n2920celeron_n3000celeron_n2807ac_7265_firmwarepentium_n3520celeron_n2815pentium_j3710pentium_j2900celeron_j3060celeron_n3160ac_9461_firmwareac_9462_firmwareceleron_n2940celeron_n6211celeron_n5105pentium_n3530celeron_j3455pentium_n3540celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n4500celeron_n2820pentium_n6415celeron_n3450celeron_n5100pentium_n3710celeron_n4020celeron_j4105celeron_j3160celeron_j6412celeron_n3150celeron_n2810celeron_n4100celeron_j1800celeron_n2805celeron_n2806celeron_j1900celeron_n3060atom_x5-e3940celeron_n4505celeron_j4005atom_x5-e3930celeron_j3355pentium_n4200atom_x7-e3950ax200_firmwareceleron_n4120celeron_n3350ewindows_7ax201_firmwareceleron_j3355eceleron_j4125Intel(R) PROSet/Wireless WiFi Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0557
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.29%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wi-fi_6_ax200dual_band_wireless-ac_8265wireless-ac_9462proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0563
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.30%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 18:20
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-manycore_platform_software_stackIntel(R) MPSS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11121
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:53
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsmedia_sdkIntel(R) Media SDK for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11167
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.16%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:57
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permission in software installer for Intel(R) Smart Connect Technology for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-smart_connect_technologySmart Connect Technology for Intel® NUC Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-0086
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.06%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-0138
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-acu_wizardIntel(R) ACU Wizard
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3704
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-parallel_studioparallel_studio_xeIntel Parallel Studio
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3702
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.85%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ite_tech_consumer_infrared_driverwindows_10ITE Tech Consumer Infrared Driver for Windows 10 Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3701
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.82%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3697
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.86%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-media_server_studioIntel Media Server Studio
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18097
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-solid_state_drive_toolboxIntel Solid State Drive Toolbox
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18093
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.

Action-Not Available
Vendor-Intel Corporation
Product-vtune_amplifierIntel VTune Amplifier
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18094
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.85%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 17:01
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in installer for Intel(R) Media SDK before 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_sdkIntel(R) Media SDK Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12223
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 13.89%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Driver for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12177
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-wireless-ac_9560dual_band_wireless-ac_8265_desktop_kitwireless-n_7265_\(rev_c\)dual_band_wireless-n_7260dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8265dual_band_wireless-ac_7260wireless-ac_9462tri-band_wireless-ac_18260dual_band_wireless-ac_7265\(rev_c\)wireless-ac_9461dual_band_wireless-ac_3160tri-band_wireless-ac_17265proset\/wireless_softwarewireless-n_7260dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless-n_7265_\(rev_d\)dual_band_wireless-ac_7260_for_desktopdual_band_wireless-n_7265_\(rev_c\)tri-band_wireless-ac_18265dual_band_wireless-n_7265_\(rev_d\)Intel(R) PROSet/Wireless WiFi Software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3703
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Microsoft CorporationIntel Corporation
Product-windowsssd_data_center_toolIntel(R) SSD Data Center Tool for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-44454
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8705
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.72% / 72.11%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:06
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_servicesconverged_security_and_manageability_enginetrusted_execution_technologyIntel(R) Boot Guard, Intel(R) CSME, Intel(R) TXE, Intel(R) SPS
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2018-12150
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.07%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.

Action-Not Available
Vendor-Intel Corporation
Product-extreme_tuning_utilityIntel(R) Extreme Tuning Utility
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12175
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python 2018
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-12196
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 36.84%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12169
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.06% / 17.17%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 20:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.

Action-Not Available
Vendor-n/aLenovo Group LimitedIntel Corporation
Product-thinkpad_x380_yogathinkpad_t470thinkpad_t25thinkpad_t480sthinkpad_t570thinkpad_l380thinkpad_t580core_i3thinkpad_p51sthinkpad_x1_yogathinkpad_x1_carbonthinkpad_x1_tabletcore_i5thinkpad_e480thinkpad_l380_yogathinkpad_p51thinkpad_p52thinkpad_l480thinkpad_l580thinkpad_11ethinkpad_p72thinkpad_t470sthinkpad_x270thinkpad_t470pthinkpad_e580core_i7thinkpad_x280thinkpad_p71core_i9thinkpad_t480thinkpad_yoga_370thinkpad_p52sn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-12190
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.97%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12208
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.29% / 52.20%
||
7 Day CHG-0.04%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12185
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 22:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12160
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.20%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_migration_softwareIntel(R) Data Migration Software
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2017-5707
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.01%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-trusted_execution_engine_firmwareTrusted Execution Engine
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5706
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.89%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareServer Platform Services
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5709
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.74%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareServer Platform Services
CVE-2017-5708
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.92%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.

Action-Not Available
Vendor-Intel Corporation
Product-manageability_engine_firmwareManageability Engine
CVE-2017-5727
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.82%
||
7 Day CHG~0.00%
Published-02 Feb, 2018 | 15:00
Updated-17 Sep, 2024 | 02:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-5717
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 71.43%
||
7 Day CHG~0.00%
Published-12 Dec, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2017-5683
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.37%
||
7 Day CHG~0.00%
Published-04 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access.

Action-Not Available
Vendor-Intel Corporation
Product-hardware_accelerated_execution_managerIntel Hardware Accelerated Execution Manager
CVE-2017-5705
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.70%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-manageability_engine_firmwareManageability Engine
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 11
  • 12
  • Next
Details not found