Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-11155

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2019 | 16:54
Updated At-04 Aug, 2024 | 22:48
Rejected At-
Credits

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2019 | 16:54
Updated At:04 Aug, 2024 | 22:48
Rejected At:
▼CVE Numbering Authority (CNA)

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.

Affected Products
Vendor
n/a
Product
Intel(R) PROSet/Wireless WiFi Software Security
Versions
Affected
  • See provided reference
Problem Types
TypeCWE IDDescription
textN/ADenial of Service, Information Disclosure
Type: text
CWE ID: N/A
Description: Denial of Service, Information Disclosure
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2019 | 17:15
Updated At:21 Jul, 2021 | 11:39

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Primary2.03.6LOW
AV:L/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 2.0
Base score: 3.6
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Intel Corporation
intel
>>proset\/wireless_wifi>>Versions before 21.40(exclusive)
cpe:2.3:a:intel:proset\/wireless_wifi:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-ac_3165>>-
cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-ac_3168>>-
cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-ac_7265_\(rev_d\)>>-
cpe:2.3:h:intel:dual_band_wireless-ac_7265_\(rev_d\):-:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-ac_8260>>-
cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-ac_8265>>-
cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>dual_band_wireless-n_7265_\(rev_d\)>>-
cpe:2.3:h:intel:dual_band_wireless-n_7265_\(rev_d\):-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wi-fi_6_ax200>>-
cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wi-fi_6_ax201>>-
cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wireless-ac_9260>>-
cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wireless-ac_9461>>-
cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wireless-ac_9462>>-
cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wireless-ac_9560>>-
cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wireless_7265_\(rev_d\)>>-
cpe:2.3:h:intel:wireless_7265_\(rev_d\):-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-732Primarynvd@nist.gov
CWE ID: CWE-732
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

76Records found
CVE-2020-8731
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.12% / 31.29%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:26
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-33898
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.52%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_watchdog_timer_utilityIntel(R) NUC Watchdog Timer installation software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-25992
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.24%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi-cliIntel(R) oneAPI Toolkits oneapi-cli
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-39230
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.88%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel Rapid Storage Technology software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-24525
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:16
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-38541
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.75%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hid_event_filter_driverIntel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-34314
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.98%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-simics_simulatorIntel(R) Simics Simulator software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0557
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.93%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wi-fi_6_ax200dual_band_wireless-ac_8265wireless-ac_9462proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0563
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 18:20
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-manycore_platform_software_stackIntel(R) MPSS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-28658
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.81%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-15 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_math_kernel_libraryIntel(R) oneMKL software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-36276
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.35%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP software*
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-14629
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.37%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:38
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_analytics_acceleration_libraryIntel(R) DAAL
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11167
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.74%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:57
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permission in software installer for Intel(R) Smart Connect Technology for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-smart_connect_technologySmart Connect Technology for Intel® NUC Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11166
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.61%
||
7 Day CHG~0.00%
Published-16 Sep, 2019 | 15:58
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-easy_streaming_wizardIntel(R) Easy Streaming Wizard Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11121
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:53
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsmedia_sdkIntel(R) Media SDK for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-41699
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.09% / 27.11%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-41771
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 21.52%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-41700
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.52%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-14 Aug, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite installation softwarenuc_pro_software_suite
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-41658
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.81%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12168
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.01%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.

Action-Not Available
Vendor-Intel Corporation
Product-computing_improvement_programIntel(R) Computing Improvement Program
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-36294
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.35%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA softwaredsa_software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-12302
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-05 Oct, 2020 | 13:46
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-0559
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.49%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:27
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-celeron_n3010celeron_j1750windows_8.1celeron_n2840ac_3165_firmwareac_9560_firmwarepentium_j6426ac_8265_firmwareceleron_n2808pentium_j2850celeron_j4025celeron_n2910pentium_j4205celeron_n2930pentium_n3510celeron_j6413celeron_n3350ac_3168_firmwareceleron_n3050ac_9260_firmwareceleron_j1850celeron_n6210ac_8260_firmwarepentium_n3700celeron_n2920celeron_n3000celeron_n2807ac_7265_firmwarepentium_n3520celeron_n2815pentium_j3710pentium_j2900celeron_j3060celeron_n3160ac_9461_firmwareac_9462_firmwareceleron_n2940celeron_n6211celeron_n5105pentium_n3530celeron_j3455pentium_n3540celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n4500celeron_n2820pentium_n6415celeron_n3450celeron_n5100pentium_n3710celeron_n4020celeron_j4105celeron_j3160celeron_j6412celeron_n3150celeron_n2810celeron_n4100celeron_j1800celeron_n2805celeron_n2806celeron_j1900celeron_n3060atom_x5-e3940celeron_n4505celeron_j4005atom_x5-e3930celeron_j3355pentium_n4200atom_x7-e3950ax200_firmwareceleron_n4120celeron_n3350ewindows_7ax201_firmwareceleron_j3355eceleron_j4125Intel(R) PROSet/Wireless WiFi Advisory
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2014-10402
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 13.38%
||
7 Day CHG~0.00%
Published-16 Sep, 2020 | 15:55
Updated-06 Aug, 2024 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

Action-Not Available
Vendor-perln/a
Product-dbin/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2014-10401
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 7.52%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 18:37
Updated-06 Aug, 2024 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.

Action-Not Available
Vendor-perln/a
Product-dbin/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2005-4868
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.14% / 34.02%
||
7 Day CHG~0.00%
Published-06 Oct, 2007 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.

Action-Not Available
Vendor-n/aIBM CorporationMicrosoft Corporation
Product-db2_universal_databasewindowsn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
  • Previous
  • 1
  • 2
  • Next
Details not found