Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-11137

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2019 | 16:56
Updated At-04 Aug, 2024 | 22:48
Rejected At-
Credits

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2019 | 16:56
Updated At:04 Aug, 2024 | 22:48
Rejected At:
▼CVE Numbering Authority (CNA)

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Affected Products
Vendor
n/a
Product
2019.2 IPU – UEFI
Versions
Affected
  • See provided reference
Problem Types
TypeCWE IDDescription
textN/AEscalation of Privilege, Denial of Service, Information Disclosure
Type: text
CWE ID: N/A
Description: Escalation of Privilege, Denial of Service, Information Disclosure
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html
x_refsource_MISC
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us
x_refsource_CONFIRM
https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS
x_refsource_CONFIRM
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html
Resource:
x_refsource_MISC
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us
Resource:
x_refsource_CONFIRM
Hyperlink: https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html
x_refsource_MISC
x_transferred
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us
x_refsource_CONFIRM
x_transferred
https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2019 | 17:15
Updated At:07 Nov, 2023 | 03:02

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>xeon_platinum_8253_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8253>>-
cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8256_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8256>>-
cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260>>-
cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276>>-
cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276m_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276m>>-
cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276l_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8276l>>-
cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280l_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280l>>-
cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260l_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260l>>-
cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280m_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280m>>-
cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260m_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260m>>-
cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8280>>-
cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260y_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8260y>>-
cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8268_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8268>>-
cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8270_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8270>>-
cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8274_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8274_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8274>>-
cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8284_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8284_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8284>>-
cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_9242_firmware>>-
cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_9242>>-
cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_9282_firmware>>-
cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_9282>>-
cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8153_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8153>>-
cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8156_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8156>>-
cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8158_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8158>>-
cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8176_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8176>>-
cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8160_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8160>>-
cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8164_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8164>>-
cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8168_firmware>>-
cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>xeon_platinum_8168>>-
cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSSsecure@intel.com
N/A
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_ussecure@intel.com
Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://support.f5.com/csp/article/K56215245?utm_source=f5support&amp%3Butm_medium=RSS
Source: secure@intel.com
Resource: N/A
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03967en_us
Source: secure@intel.com
Resource:
Third Party Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

781Records found
CVE-2019-14565
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:47
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Action-Not Available
Vendor-Linux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowssoftware_guard_extensions_sdklinux_kernel2019.2 IPU – Intel(R) SGX
CWE ID-CWE-665
Improper Initialization
CVE-2019-0109
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.69%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 16:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CVE-2019-14569
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.62%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:57
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_dn2820fykhnuc_board_de3815tybe_firmwarenuc_8_mainstream_game_kitnuc_kit_de3815tykhe_firmwarenuc_8_mainstream_game_mini_computer_firmwarenuc_8_mainstream_game_kit_firmwarenuc_kit_de3815tykhenuc_kit_dn2820fykh_firmwarenuc_board_de3815tybenuc_8_mainstream_game_mini_computerNUC Advisory
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-0158
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.71%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 17:02
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient path checking in the installation package for Intel(R) Graphics Performance Analyzer for Linux version 18.4 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzerIntel(R) Graphics Performance Analyzer for Linux Advisory
CVE-2019-0142
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.12% / 30.97%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:21
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1ethernet_controller_xxv710-am1_firmwareethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CVE-2019-0128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.19%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Chipset Device Software (INF Update Utility) before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-chipset_device_softwareIntel(R) Chipset Device Software (INF Update Utility) Advisory
CWE ID-CWE-264
Not Available
CVE-2019-14600
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.48%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:33
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-snmp_subagent_stand-aloneIntel(R) SNMP Subagent Stand-Alone for Windows*
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-0134
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.79%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:13
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dynamic_platform_and_thermal_frameworkIntel(R) Dynamic Platform and Thermal Framework
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-0170
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.86%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) Dynamic Application Loader (DAL)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14599
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.31%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-control_center-iControl Center-I
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-0089
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 33.63%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_servicesIntel(R) Server Platform Services (SPS)
CWE ID-CWE-19
Not Available
CVE-2019-0121
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-matrix_storage_managerIntel(R) Matrix Storage Manager
CWE ID-CWE-264
Not Available
CVE-2019-0107
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.94%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CVE-2019-14568
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.82%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:12
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel(R) RST
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14598
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.26% / 48.71%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 18:21
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-converged_security_management_engine_firmwaresteelstore_cloud_integrated_storageIntel(R) CSME
CWE ID-CWE-287
Improper Authentication
CVE-2019-0171
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_iiquartus_primeIntel(R) Quartus(R)
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-0159
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.38% / 58.47%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:13
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersLinux Administrative Tools for Intel(R) Network Adapters
CVE-2019-0088
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 20:00
Updated-17 Sep, 2024 | 02:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-system_support_utilityIntel(R) System Support Utility for Windows
CVE-2019-14607
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:10
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1501m_firmwarecore_i3-9100_firmwarexeon_w-3245mxeon_e3-1235lcore_i3-6300core_i5-1035g7core_i5-6585rcore_i3-6100e_firmwarecore_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_d-1527core_i7-9700kfcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_w-2125core_i5-8400hxeon_gold_5217_firmwarecore_i5-7y54xeon_d-2163it_firmwarexeon_e3-1535m_firmwarecore_i7-1060g7_firmwarexeon_d-1521_firmwarecore_i7-9700xeon_gold_6240_firmwarexeon_gold_6234core_i9-9900kfcore_i7-6650u_firmwarexeon_d-1557_firmwarexeon_e3-1268lcore_i5-1035g4xeon_w-2255xeon_d-1518core_i3-8145ucore_i7-6822eqcore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i7-6700tecore_i3-7020uxeon_platinum_8268_firmwarexeon_e3-1285_firmwarexeon_gold_6248_firmwarexeon_gold_6262vcore_i7-6567u_firmwarexeon_e3-1565l_firmwarecore_i3-8109ucore_i7-9700tecore_i7-7600ucore_i5-9400f_firmwarecore_i5-7y57_firmwarexeon_gold_5218core_i7-9700f_firmwarecore_i3-6100t_firmwarecore_i5-9500e_firmwarecore_i3-7100e_firmwarecore_i3-7100exeon_gold_6238m_firmwarexeon_d-1567_firmwarexeon_e3-1275_firmwarecore_i5-6442eq_firmwarexeon_d-1567core_i3-7300core_i5-8269u_firmwarecore_i3-6098pxeon_e3-1268l_firmwarecore_i5-6287u_firmwarexeon_d-2173it_firmwarexeon_e3-1578l_firmwarexeon_w-2245core_i3-9100hlxeon_silver_4210_firmwarecore_i5-6600kcore_i7-7600u_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e3-1285core_i7-10710u_firmwarecore_i5-6500te_firmwarecore_i7-7820hkcore_i5-9500_firmwarexeon_platinum_8276_firmwarecore_i5-8400h_firmwarexeon_gold_6240core_i7-6970hqcore_i3-9100tecore_i7-9700fxeon_e3-1225core_i5-8600core_i7-10510ucore_i7-9700kxeon_d-2177nt_firmwarecore_i5-9400_firmwarecore_i7-8500y_firmwarexeon_d-1533n_firmwarecore_i5-6402pxeon_gold_5220s_firmwarexeon_gold_5215_firmwarexeon_w-2265core_i3-8100xeon_e3-1545mcore_i7-1060g7xeon_w-2245_firmwarexeon_e3-1270_firmwarecore_i5-6600t_firmwarexeon_d-1539core_i3-7300_firmwarecore_i5-7287u_firmwarecore_i7-7700core_i7-7820hq_firmwarexeon_gold_6230_firmwarexeon_d-2146ntcore_i3-7102ecore_i7-7920hq_firmwarexeon_platinum_8280l_firmwarecore_i5-8600kxeon_d-1577_firmwarecore_i7-8700k_firmwarexeon_w-2223_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hcore_i5-8365uxeon_d-2187ntcore_i5-9600kfcore_i5-8500b_firmwarecore_i3-7100u_firmwarecore_i3-6100h_firmwarecore_i5-7600xeon_w-3265_firmwarexeon_d-2166ntcore_i5-1030g4_firmwarecore_i7-9850he_firmwarecore_i7-8557u_firmwarexeon_silver_4216xeon_platinum_8253xeon_gold_6230xeon_w-2195core_i7-7820eq_firmwarexeon_w-3235_firmwarecore_i3-8300core_i3-1000g4core_i5-7400tcore_i5-7267u_firmwarexeon_d-2183itxeon_e3-1535mxeon_e3-1505m_firmwarexeon_d-1622core_i3-7100core_i7-8809gcore_i3-8145uecore_i5-7260ucore_i7-8700bxeon_w-2145_firmwarexeon_d-2145ntxeon_gold_6238core_i7-7500u_firmwarecore_i5-7267uxeon_silver_4208core_i5-10210ycore_i7-7820hk_firmwarecore_i9-9900kf_firmwarecore_i7-6560uxeon_w-2123xeon_gold_5220sxeon_w-3275mxeon_platinum_8280m_firmwarexeon_e3-1505lcore_i5-9400tcore_i5-10210u_firmwarecore_i5-9500fxeon_platinum_9282core_i5-8600t_firmwarecore_i5-8300hxeon_d-1513n_firmwarecore_i7-9850hecore_i3-10110ycore_i3-7300t_firmwarexeon_platinum_9242_firmwarecore_i5-6600_firmwarecore_i3-6006u_firmwarexeon_silver_4210xeon_platinum_8256_firmwarecore_i9-9900kscore_i5-9600xeon_e3-1565lcore_i5-7300u_firmwarexeon_platinum_8276mcore_i5-8600_firmwarecore_i3-9100fxeon_e3-1260lcore_i5-9600kf_firmwarecore_i7-9750hfxeon_gold_6238mcore_i5-9300h_firmwarecore_i3-6167ucore_i3-9320_firmwarecore_i5-9500core_i3-8145ue_firmwarexeon_d-1540core_i5-8400b_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarexeon_d-1528xeon_e3-1240_firmwarecore_i7-6500ucore_i7-6500u_firmwarecore_i9-9880hxeon_gold_6230t_firmwarexeon_d-2141icore_i5-7287uxeon_d-1541xeon_e3-1558lcore_i5-8500t_firmwarecore_i7-10710ucore_i3-7100h_firmwarexeon_silver_4208_firmwarecore_i5-8300h_firmwarexeon_d-1633n_firmwarexeon_platinum_8268core_i5-6300uxeon_gold_6230n_firmwarecore_i7-8565uxeon_gold_5222core_i5-7300hq_firmwarexeon_platinum_8276l_firmwarexeon_e3-1245core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560uxeon_w-2133_firmwarexeon_gold_6240mcore_i5-6600k_firmwarecore_i3-6100hcore_i5-7400t_firmwarexeon_d-1548core_i5-6200u_firmwarecore_i5-8259ucore_i3-8100t_firmwarexeon_d-1649nxeon_d-1529xeon_platinum_9221core_i9-9900core_i3-6098p_firmwarecore_i7-10510y_firmwarecore_i7-9850hl_firmwarexeon_w-3265m_firmwarecore_i7-8850h_firmwarecore_i7-6700hqcore_i7-9700kf_firmwarexeon_w-2225_firmwarecore_i7-9850h_firmwarecore_i5-6350hqxeon_gold_5218_firmwarexeon_gold_6238t_firmwarexeon_e3-1515m_firmwarecore_i7-6660u_firmwarecore_i3-7100_firmwarecore_i5-7600tcore_i3-6100te_firmwarexeon_w-2155core_i5-6350hq_firmwarecore_i7-7500ucore_i7-8550uxeon_w-2135xeon_e3-1505mcore_i3-9100txeon_d-1623nxeon_w-2145core_i5-8310y_firmwarecore_i5-6400_firmwarecore_i7-6650ucore_i5-9300hxeon_e3-1240core_i3-7167u_firmwarexeon_platinum_9222_firmwarexeon_gold_5220t_firmwarexeon_platinum_8253_firmwarecore_i7-8559u_firmwarecore_i7-8086k_firmwarexeon_gold_5220_firmwarecore_i5-6585r_firmwarexeon_d-1622_firmwarecore_i5-1035g1_firmwarecore_i7-8665u_firmwarecore_i3-7167ucore_i3-6100tcore_i7-8500ycore_i5-9400hcore_i7-7567ucore_i9-9900txeon_e3-1240l_firmwarexeon_gold_6240m_firmwarexeon_w-2295_firmwarecore_i3-8145u_firmwarexeon_silver_4214xeon_d-2161icore_i7-9700e_firmwarexeon_d-2141i_firmwarecore_i7-7660u_firmwarecore_i7-7820hqcore_i5-6260u_firmwarecore_i5-8210yxeon_gold_5218bcore_i7-8750h_firmwarecore_i3-7300tcore_i3-6100ecore_i3-8300t_firmwarexeon_silver_4216_firmwarexeon_e3-1280core_i3-8109u_firmwarexeon_e3-1260l_firmwarexeon_gold_6254_firmwarecore_i5-7400_firmwarecore_i7-9700k_firmwarecore_i5-7y54_firmwarecore_i3-9100f_firmwarecore_i7-6567ucore_i3-7101exeon_d-1513nxeon_d-1537core_i3-8100b_firmwarexeon_d-2187nt_firmwarecore_i9-8950hk_firmwarecore_i5-8500xeon_d-1539_firmwarecore_i7-6870hq_firmwarexeon_w-3223xeon_d-1559core_i5-7600_firmwarecore_i5-9500te_firmwarexeon_w-3275m_firmwarexeon_w-3175xxeon_w-2235_firmwarecore_i5-6267u_firmwarecore_i5-8265ucore_i5-6300hqxeon_gold_6222v_firmwarexeon_w-3235core_i7-9750hxeon_platinum_8260_firmwarecore_i5-6440hqcore_i7-7y75xeon_w-2225core_i7-7560u_firmwarexeon_w-2133xeon_d-2183it_firmwarecore_i7-6700core_i5-7y57xeon_d-1557core_i3-8350kcore_i5-7500tcore_i3-9100core_i9-9900t_firmwarecore_i5-9600k_firmwarexeon_platinum_9282_firmwarexeon_d-1553n_firmwarexeon_gold_5220tcore_i3-6102e_firmwarexeon_e3-1230_firmwarexeon_platinum_8276lxeon_w-2223core_i7-7700kxeon_platinum_9222core_i7-8705gcore_i7-8665ucore_i5-9500exeon_gold_6230tcore_i3-8300txeon_d-1627_firmwarecore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i7-8706gxeon_w-3225core_i9-9880h_firmwarecore_i7-8700t_firmwarecore_i3-6006uxeon_gold_6238_firmwarecore_i7-8700xeon_e3-1501lxeon_w-2155_firmwarecore_i3-6300tcore_i5-8259u_firmwarecore_i7-8665ue_firmwarecore_i3-7130u_firmwarecore_i5-8400core_i7-8705g_firmwarecore_i3-7100tcore_i7-7700txeon_gold_6246xeon_w-3225_firmwarecore_i7-8086kxeon_w-2295core_i5-7260u_firmwarecore_i5-10210ucore_i7-6600u_firmwarexeon_d-1527_firmwarecore_i5-7600k_firmwarecore_i7-6770hqcore_i5-8257ucore_i5-8365ue_firmwarexeon_w-3245m_firmwarecore_i7-8700kxeon_gold_5215mcore_i5-8600k_firmwarecore_i5-7200u_firmwarecore_i5-7442eqcore_i7-10510u_firmwarexeon_gold_5215xeon_e3-1545m_firmwarexeon_d-2143itxeon_d-2163itxeon_e3-1515mxeon_gold_6244_firmwarexeon_d-2161i_firmwarecore_i5-1030g7core_i5-7442eq_firmwarecore_i5-10310y_firmwarecore_i7-8569u_firmwarecore_i3-1000g1core_i7-10510yxeon_gold_5215lxeon_silver_4215_firmwarecore_i5-7360u_firmwarexeon_w-2275_firmwarecore_i5-8210y_firmwarecore_i3-10110ucore_i5-6442eqcore_i3-9100e_firmwarecore_i5-9600kcore_i3-6300_firmwarexeon_d-1531_firmwarecore_i7-7700hqxeon_platinum_8280mxeon_gold_6240l_firmwarexeon_d-2123it_firmwarecore_i3-9100hl_firmwarecore_i3-8100hcore_i3-9100t_firmwarexeon_e3-1225_firmwarecore_i7-6870hqxeon_d-1571xeon_gold_6240lxeon_gold_6238lcore_i5-8350ucore_i3-1005g1_firmwarexeon_w-3223_firmwarexeon_d-2173itcore_i5-6440hq_firmwarecore_i5-7300uxeon_d-2123itxeon_w-3265mcore_i5-8500txeon_d-1627core_i5-7500xeon_gold_5218n_firmwarexeon_w-2255_firmwarecore_i5-6400xeon_platinum_8260y_firmwarexeon_d-1602core_i5-7200ucore_i5-8350u_firmwarecore_i7-8700b_firmwarexeon_gold_5218tcore_i9-8950hkxeon_gold_6240y_firmwarexeon_gold_6242_firmwarexeon_d-1649n_firmwarecore_i3-6320_firmwarecore_i7-6820hq_firmwarecore_i7-7920hqxeon_e3-1575m_firmwarecore_i5-9300hf_firmwarecore_i9-9900ks_firmwarexeon_w-2123_firmwarecore_i5-8400tcore_i3-9300_firmwarexeon_d-2145nt_firmwarexeon_e3-1578lcore_i3-6100_firmwarecore_i3-9100te_firmwarecore_i7-6660uxeon_d-1537_firmwarexeon_d-1541_firmwarecore_i3-7350k_firmwarexeon_e3-1240lxeon_d-2166nt_firmwarexeon_d-1623n_firmwarecore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_d-1548_firmwarexeon_e3-1220_firmwarecore_i5-6500t_firmwarecore_i3-9300xeon_e3-1501l_firmwarexeon_d-1559_firmwarecore_i9-9900kcore_i3-9350kf_firmwarecore_i7-8709gcore_i5-6685r_firmwarecore_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarexeon_d-1529_firmwarexeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarexeon_d-1637_firmwarecore_i5-9400core_i3-8100txeon_platinum_8260core_i5-6500tcore_i5-6260uxeon_bronze_3204_firmwarecore_i7-6700k_firmwarecore_i7-8557uxeon_silver_4214_firmwarexeon_d-2142it_firmwarecore_i5-9500tcore_i5-7500t_firmwarexeon_d-2143it_firmwarecore_i7-6820hk_firmwarexeon_platinum_9242core_i7-8700tcore_i7-6820hqcore_i5-7400xeon_platinum_8280lxeon_e3-1501mxeon_bronze_3204xeon_d-1523n_firmwarecore_i7-8650uxeon_e3-1585_firmwarexeon_platinum_8280_firmwarecore_i3-7102e_firmwarexeon_e3-1245_firmwarecore_i5-6600core_i3-7320core_i7-6700tcore_i7-6920hqcore_i7-9750h_firmwarecore_i3-6167u_firmwarexeon_e3-1585core_i3-6100uxeon_gold_5217core_i7-6700_firmwarecore_i5-1035g1xeon_gold_6230nxeon_e3-1280_firmwarexeon_w-3265xeon_gold_6246_firmwarexeon_gold_5218nxeon_gold_5222_firmwarexeon_w-3245core_i7-6822eq_firmwarecore_i7-8565u_firmwarexeon_platinum_9221_firmwarecore_i5-1035g4_firmwarecore_i3-10110y_firmwarecore_i5-8500bcore_i5-7600t_firmwarexeon_d-1523ncore_i5-8269ucore_i5-6402p_firmwarecore_i3-6157ucore_i5-7440hq_firmwarecore_i5-1030g4core_i5-6300hq_firmwarexeon_gold_5220xeon_d-1653ncore_i3-9100ecore_i7-8709g_firmwarexeon_d-1637xeon_gold_6254xeon_silver_4209t_firmwarexeon_d-1577core_i3-6320xeon_gold_6240ycore_i7-6700kcore_i7-9850hcore_i7-9700t_firmwarecore_i5-9400fcore_i7-6820eq_firmwarecore_i5-7440eqxeon_gold_5215l_firmwarexeon_d-1543n_firmwarexeon_w-2195_firmwarecore_i5-8279ucore_i5-8279u_firmwarecore_i3-8130u_firmwarecore_i5-9500f_firmwarecore_i5-6400txeon_gold_6252n_firmwarecore_i5-9300hfcore_i3-7100ucore_i5-10210y_firmwarexeon_d-1653n_firmwarecore_i3-7101tecore_i3-7350kxeon_w-3275xeon_w-2265_firmwarexeon_platinum_8270_firmwarecore_i5-7600kxeon_d-1553ncore_i5-8250ucore_i3-1000g4_firmwarexeon_d-1571_firmwarexeon_silver_4209tcore_i7-6920hq_firmwarexeon_gold_6234_firmwarecore_i7-9700txeon_d-1633ncore_i3-7100t_firmwarecore_i7-7820eqxeon_e3-1275xeon_gold_6252ncore_i7-9850hlcore_i5-7360uxeon_gold_6244core_i5-6500xeon_gold_5218t_firmwarecore_i7-8650u_firmwarexeon_gold_6248xeon_w-3245_firmwarexeon_platinum_8260l_firmwarexeon_gold_6226_firmwarexeon_e3-1235l_firmwarecore_i3-6157u_firmwarexeon_d-1518_firmwarecore_i3-9350kfcore_i7-6785r_firmwarecore_i5-6200uxeon_platinum_8280core_i9-9900k_firmwarecore_i7-6700hq_firmwarecore_i7-7700k_firmwarexeon_w-2135_firmwarecore_i5-8250u_firmwarecore_i7-7567u_firmwarecore_i7-9700ecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_d-1520core_i7-6970hq_firmwarecore_i7-6785rcore_i7-7700hq_firmwarecore_i7-6820hkxeon_platinum_8256xeon_d-2146nt_firmwarexeon_gold_6238l_firmwarecore_i5-7440eq_firmwarecore_i3-1000g1_firmwarecore_i7-9750hf_firmwarecore_i5-10310yxeon_gold_5218b_firmwarecore_i5-8400t_firmwarexeon_gold_6222vxeon_w-2125_firmwarexeon_d-1520_firmwarecore_i3-6102ecore_i5-6400t_firmwarecore_i5-8365u_firmwarexeon_w-2175_firmwarexeon_gold_6242core_i7-6700te_firmwarecore_i5-6600txeon_d-1531core_i3-9300tcore_i5-6360u_firmwarexeon_gold_6262v_firmwarecore_i3-8100h_firmwarexeon_platinum_8270xeon_platinum_8260yxeon_platinum_8260m_firmwarexeon_d-1533nxeon_w-2235xeon_silver_4215xeon_d-2142itxeon_w-3175x_firmwarecore_i7-8850hcore_i3-7130ucore_i5-8265u_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7-6820eqcore_i9-9900_firmwarecore_i7-1065g7_firmwarexeon_gold_5215m_firmwarexeon_e3-1558l_firmwarexeon_platinum_8276xeon_gold_6238tcore_i5-6500texeon_silver_4214ycore_i5-8257u_firmwarecore_i3-9350kcore_i5-8500_firmwarecore_i5-8365uecore_i7-8665uexeon_platinum_8276m_firmwarecore_i5-6300u_firmwarecore_i7-8809g_firmwarexeon_e3-1575mxeon_e3-1230core_i5-6685rcore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_w-3275_firmwarecore_i5-1030g7_firmwarecore_i5-9400h_firmwarecore_i5-8200ycore_i3-6100core_i5-8310yxeon_w-2275core_i3-10110u_firmwarexeon_d-1543nxeon_d-1528_firmwarecore_i5-9500tecore_i5-7440hqxeon_gold_6226core_i5-6360uxeon_d-1521xeon_e3-1505l_firmwarecore_i5-9500t_firmwarecore_i3-6300t_firmwarecore_i7-8569uxeon_gold_6252core_i7-9700te_firmwarecore_i7-7700_firmwarecore_i7-6770hq_firmwarecore_i5-6267ucore_i3-1005g1core_i3-8100bcore_i5-9600txeon_gold_6252_firmwarecore_i3-7101e_firmwarecore_i3-7020u_firmwarecore_i3-9320core_i5-6440eqcore_i5-6440eq_firmwarecore_i5-8600txeon_platinum_8260lcore_i5-8305gcore_i9-9980hkcore_i7-1065g7core_i7-8559uxeon_d-1602_firmwarecore_i5-9400t_firmwarecore_i7-9700_firmwarecore_i3-6100texeon_d-2177ntcore_i3-8130uxeon_e3-1270xeon_e3-1585l_firmwarexeon_w-2175xeon_e3-1585lIntel® Processors
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2019-0139
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 32.34%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:21
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CVE-2019-0105
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.92%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-0106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.94%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managern/a
CVE-2023-28714
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 10.45%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-17 Oct, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsproset\/wireless_wifiIntel(R) PROSet/Wireless WiFi software for Windowsintel_proset_wireless_wifi_software_for_windows
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-284
Improper Access Control
CVE-2019-0138
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-acu_wizardIntel(R) ACU Wizard
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-0086
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.07%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-28385
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 11.10%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsnext_unit_of_computing_firmwareIntel(R) NUC Pro Software Suite for Windowsnuc_pro_software_suite
CWE ID-CWE-285
Improper Authorization
CVE-2019-14608
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:10
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14613
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:37
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in driver for Intel(R) VTune(TM) Amplifier for Windows* before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Amplifier for Windows*
CVE-2023-25545
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.20%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_m50cyp2ur208server_system_d50tnp2mfalacserver_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3627
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.26% / 49.07%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

Action-Not Available
Vendor-Intel CorporationNetApp, Inc.
Product-xeon_e3_1270_v6xeon_e3_1275_v6xeon_e3_1240_v6element_software_management_nodexeon_e3_1225_v6xeon_e3_1240_v5xeon_e3_1270_v5xeon_e3_1240l_v5xeon_e3_1280_v5xeon_e3_1245_v6xeon_wcore_i7xeon_e3_1220_v6core_i3xeon_e3_1225_v5xeon_e3_1230_v5converged_security_management_engine_firmwarexeon_e3_1220_v5xeon_e3_1230_v6core_i5xeon_e3_1235l_v5core_i9xeon_e3_1245_v5xeon_e3_1280_v6xeon_e3_1285_v6xeon_e3_1260l_v5Intel Converged Security Management Engine (Intel CSME)
CVE-2018-3702
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ite_tech_consumer_infrared_driverwindows_10ITE Tech Consumer Infrared Driver for Windows 10 Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-3682
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 13.83%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.

Action-Not Available
Vendor-Intel Corporation
Product-hns2600tp24strbbs2600bpbr1208wftysr1304wf0yshns2600tprhns7200apr2224wfqzshns2600bpqbbs2600stqs2600tpnrs2600kptrhns2600bpblcr2208wttyc1rr2208wt2ysrbbs2600stbr2208wf0zsr2208wftzsdbs2600cw2rdbs2600cwtrr2312wf0npr2312wttysrs2600stbs2600wtts1rr2224wftzsr1208wt2gsrs2600wt2rhns2600kpfrhns2600kprr1304wttgsrbbs7200apbbs2600bpshns2600bpsr2208wfqzshns2600bpb24bbs7200aplhns2600bps24hns2600tpfrs2600wfohns2600bpq24hns2600bpblc24r2312wfqzss2600wttrr2224wttysrr1208wttgsrhns2600tpnrr1304wt2gsrhns2600bpbs2600tprr1304wftyshns7200aprls2600tptrr2208wttysrs2600stqr2308wftzsdbs2600cwtsrhns7200aprs7200aprhns2600tp24srdbs2600cw2srhns7200aplhns2600tp24rs2600kprbmc_firmwares2600wfqr2308wttysrbbs2600bpqs2600kpfrs2600tpfrs2600wftr2312wftzsIntel Server Boards, Compute Modules and Systems
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-3668
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.54%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.

Action-Not Available
Vendor-Intel Corporation
Product-processor_diagnostic_toolIntel Processor Diagnostic Tool
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-3698
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.97%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.

Action-Not Available
Vendor-Intel Corporation
Product-ready_mode_technologyIntel Ready Mode Technology
CVE-2018-3645
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-16 Sep, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.

Action-Not Available
Vendor-Intel Corporation
Product-remote_keyboard_mobile_appremote_keyboardIntel Remote Keyboard
CVE-2018-3686
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.70%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-sa-00086_detection_toolINTEL-SA-00086 Detection Tool
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-3704
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-parallel_studioparallel_studio_xeIntel Parallel Studio
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-22297
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-22661
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.86%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-18093
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.

Action-Not Available
Vendor-Intel Corporation
Product-vtune_amplifierIntel VTune Amplifier
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18094
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 17:01
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in installer for Intel(R) Media SDK before 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_sdkIntel(R) Media SDK Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-18097
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 23:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-solid_state_drive_toolboxIntel Solid State Drive Toolbox
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11987
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 17:52
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-smart_update_managerHPE Smart Update Manager
CVE-2021-0200
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.58%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:14
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series Controllers before version 8.2 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_v710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-am2ethernet_controller_xl710-am2_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_x710-am2_firmwareethernet_controller_v710-at2ethernet_controller_xxv710-am1ethernet_controller_xl710-am1ethernet_controller_xl710-bm2ethernet_controller_xxv710-am2_firmwareethernet_controller_xl710-am1_firmwareethernet_controller_x710-bm2ethernet_controller_x710-tm4ethernet_controller_xl710-bm1ethernet_controller_x710-at2_firmwareethernet_controller_xl710-bm1_firmwareethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xl710-am2ethernet_controller_xl710-bm2_firmwareethernet_controller_x710-at2Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0056
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510_firmwarelapbc510lapbc710lapbc710_firmwareIntel(R) NUC M15 Laptop Kit Driver Pack software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-8743
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mailbox_interface_driverIntel(R) Mailbox Interface driver Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8722
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:51
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8731
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.12% / 31.30%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:26
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-8676
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.69%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:00
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-visual_compute_accelerator_2_firmwarevisual_compute_accelerator_2versions
CVE-2020-8684
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.23%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-programmable_acceleration_card_with_arria_10_gx_fpgaacceleration_stackIntel(R) PAC with Arria(R) 10 GX FPGA Advisory
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 15
  • 16
  • Next
Details not found