Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-12324

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-12 Nov, 2020 | 18:24
Updated At-04 Aug, 2024 | 11:56
Rejected At-
Credits

Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:12 Nov, 2020 | 18:24
Updated At:04 Aug, 2024 | 11:56
Rejected At:
▼CVE Numbering Authority (CNA)

Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Thunderbolt(TM) DCH drivers for Windows*
Versions
Affected
  • before version 72
Problem Types
TypeCWE IDDescription
textN/Aescalation of privilege
Type: text
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:12 Nov, 2020 | 19:15
Updated At:21 Jul, 2021 | 11:39

Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>thunderbolt_dch_driver>>Versions before 72(exclusive)
cpe:2.3:a:intel:thunderbolt_dch_driver:*:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422secure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00422
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

622Records found
CVE-2023-38541
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.89%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hid_event_filter_driverIntel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-38561
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.18%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU software
CWE ID-CWE-284
Improper Access Control
CVE-2023-38566
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) ISPC software before version 1.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-implicit_spmd_program_compilerIntel(R) ISPC softwareispc
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-0591
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 31.52%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:55
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationSiemens AG
Product-xeon_gold_6246rxeon_platinum_8276lxeon_w-2223core_i7-9800xxeon_platinum_9222xeon_w-3245mxeon_gold_5217xeon_gold_6230tcore_i7-6950xxeon_gold_6230ncore_i7-4960xxeon_w-3225xeon_w-3265xeon_gold_5218nxeon_w-3245xeon_d-1527xeon_w-2125core_i9-10940xxeon_d-1523nxeon_d-1540xeon_gold_5220xeon_gold_6246xeon_d-1653ncore_i7-7740xxeon_d-1528xeon_silver_4214rcore_i7-5820kxeon_d-1577xeon_gold_6254xeon_d-1637xeon_w-2295core_i7-3960xxeon_gold_6240yxeon_gold_6234xeon_d-2141ixeon_d-1541core_i7-3940xmxeon_gold_6238rxeon_w-1250xeon_d-1518xeon_w-1250texeon_w-2255xeon_gold_6208ucore_i7-4940mxxeon_platinum_8268xeon_gold_5215xeon_w-1290exeon_d-2143itxeon_gold_6262vcore_i7-4930kxeon_d-2163itcore_i9-7920xxeon_gold_5222xeon_w-3275xeon_gold_5218simatic_cpu_1518-4xeon_d-1553nxeon_w-1270xeon_silver_4209txeon_d-1567simatic_cpu_1518f-4_firmwarexeon_w-1270exeon_d-1633nxeon_gold_5215lxeon_silver_4215rxeon_gold_6252nxeon_d-1548core_i7-4820kxeon_d-1649nxeon_d-1529xeon_platinum_9221xeon_w-2245xeon_gold_6244xeon_silver_4210tcore_i9-7960xcore_i7-7820xxeon_gold_6248xeon_gold_6212uxeon_w-1270tecore_i9-7980xexeon_platinum_8280xeon_gold_6248rcore_i7-6900kcore_i9-9940xxeon_gold_6258rxeon_d-1520xeon_w-1290txeon_d-1571xeon_gold_6240xeon_gold_6238lxeon_gold_6240lxeon_gold_6250biosxeon_platinum_8256core_i9-9820xxeon_d-2173itxeon_w-2155core_i9-9900xxeon_d-2123itxeon_w-1290pxeon_w-3265mxeon_w-2135xeon_gold_6222vxeon_d-1627core_i7-3930kxeon_gold_6242xeon_w-2265xeon_d-1623nxeon_w-2145xeon_d-1531xeon_d-1602xeon_w-10855mxeon_platinum_8260yxeon_platinum_8270xeon_d-1539xeon_d-1533nxeon_gold_6242rxeon_gold_5218txeon_silver_4215core_i9-9980xexeon_d-2142itxeon_w-2235xeon_gold_5220rcore_i7-6800kxeon_d-2146ntcore_i9-10900xxeon_silver_4214xeon_platinum_8276xeon_gold_6238txeon_w-1270pxeon_silver_4210rxeon_gold_6250lxeon_d-2161ixeon_silver_4214yxeon_gold_6210ucore_i9-10920xcore_i9-10980xexeon_d-2187ntxeon_gold_5218bcore_i7-6850kcore_i7-3970xcore_i9-7940xcore_i9-9960xxeon_d-2166ntxeon_w-1250exeon_w-1290core_i7-3920xmxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_w-10885mxeon_w-2195simatic_cpu_1518-4_firmwarexeon_d-2183itxeon_d-1513nxeon_d-1537xeon_w-2275xeon_d-1622xeon_w-1290tecore_i5-7640xcore_i9-7900xxeon_d-1543nxeon_gold_6209uxeon_w-3223xeon_gold_6226xeon_d-1559xeon_gold_6256xeon_d-1521core_i7-5960xxeon_d-2145ntxeon_gold_6230rxeon_w-3175xxeon_gold_6238xeon_gold_6252xeon_w-1250pcore_i7-7800xcore_i9-9920xcore_i7-4930mxxeon_w-3235xeon_silver_4208core_i7-5930kxeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_w-2225xeon_w-2123xeon_gold_5220sxeon_w-2133xeon_w-3275mxeon_platinum_9242xeon_platinum_9282core_i7-3820xeon_d-1557xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204simatic_cpu_1518f-4xeon_d-2177ntxeon_w-2175xeon_gold_5220txeon_silver_4210Intel(R) Processors
CVE-2023-36493
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.74%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-software_development_kit_for_openclIntel(R) SDK for OpenCL(TM) Applications softwarefield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35192
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 32.25%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35003
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.59%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-28 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC softwarevroc_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-35769
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) CIP softwarecomputing_improvement_program
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-34350
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 23.09%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-34427
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.26%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-04 Oct, 2024 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2023-33870
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.32%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersethernet_connections_boot_utility\,_preboot_images\,_and_efi_driversIntel(R) Ethernet tools and driver install software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-32663
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-15 Oct, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_software_development_kitIntel(R) RealSense(TM) SDKs in version 2.53.1
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-32661
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 30.61%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7cjyhnuc_kit_nuc7pjyhrealtek_sd_card_reader_driverIntel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation softwareintel_nuc_kits_nuc7pjyh_and_nuc7cjyh_realtek_sd_card_reader_driver_installation_software
CWE ID-CWE-287
Improper Authentication
CVE-2023-32638
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 20.02%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-arc_rgb_controllerIntel Arc RGB Controller software
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-0146
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.27% / 50.13%
||
7 Day CHG-0.11%
Published-17 Nov, 2021 | 19:25
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-celeron_j1750celeron_j4125_firmwarepentium_silver_n5000_firmwareceleron_n2940_firmwareceleron_j1850_firmwarepentium_j2850pentium_silver_n5030celeron_j1900_firmwareceleron_n2920_firmwareceleron_n3350celeron_n3050celeron_j1850celeron_n6210pentium_j3710_firmwarepentium_n6415_firmwarepentium_silver_j5005celeron_n3000celeron_n2930_firmwareceleron_n2807celeron_n2815pentium_j3710pentium_j2900atom_x5-e3940_firmwareceleron_n4100_firmwareatom_c3000_firmwareceleron_n2940celeron_n2830_firmwarepentium_silver_j5005_firmwareatom_x5-e3930_firmwareceleron_n5105celeron_n3000_firmwarepentium_j2850_firmwarepentium_n3530celeron_j3455pentium_silver_n6000celeron_n3350_firmwareceleron_n2807_firmwareceleron_n4500celeron_n2820pentium_n6415celeron_n4500_firmwareceleron_j3160celeron_j3355e_firmwareceleron_n3150_firmwareceleron_n3450_firmwareceleron_n3150celeron_n4100celeron_n5100_firmwareceleron_n2805celeron_n2806celeron_n3060celeron_j1750_firmwareatom_x5-e3940pentium_n3530_firmwarepentium_silver_n6000_firmwareceleron_n5105_firmwarepentium_n3710_firmwareceleron_n4120_firmwarepentium_n4200celeron_n4120celeron_n3350eceleron_n3050_firmwareceleron_n4000_firmwareceleron_j3455_firmwareceleron_n3010celeron_n2840celeron_n2806_firmwarepentium_j6426celeron_n2808pentium_n4200e_firmwareceleron_j4025celeron_n2910pentium_j4205celeron_n2930celeron_j1800_firmwareceleron_n2840_firmwarepentium_silver_n6005_firmwarepentium_n3540_firmwarepentium_n3510pentium_silver_n5030_firmwareceleron_j6413celeron_j3160_firmwareceleron_j3455e_firmwareceleron_j4005_firmwarepentium_j2900_firmwareceleron_j3060_firmwarepentium_n3700celeron_n2920pentium_n3520_firmwareceleron_n3160_firmwarepentium_n3520celeron_n2815_firmwarepentium_n3700_firmwareceleron_j3060pentium_silver_n6005pentium_j4205_firmwareceleron_n2820_firmwareceleron_j4105_firmwareceleron_n3160celeron_n6211atom_x7-e3950_firmwareceleron_n4020_firmwarepentium_n4200_firmwareceleron_n6210_firmwareceleron_n4505_firmwareceleron_n6211_firmwareceleron_n3060_firmwareceleron_n3010_firmwarepentium_silver_n5000pentium_n3540celeron_n4000celeron_j3455eceleron_n2830pentium_n4200eceleron_n3350e_firmwareceleron_n3450celeron_n5100celeron_j6413_firmwareceleron_n2805_firmwarepentium_n3710celeron_n4020celeron_j4105celeron_j6412celeron_n2810celeron_j4025_firmwarepentium_n3510_firmwarepentium_silver_j5040_firmwareceleron_j1800celeron_j6412_firmwareceleron_j1900celeron_n2808_firmwareatom_c3000celeron_n4505celeron_j3355_firmwareceleron_j4005atom_x5-e3930celeron_j3355atom_x7-e3950celeron_n2910_firmwarepentium_silver_j5040celeron_n2810_firmwarepentium_j6426_firmwareceleron_j3355eceleron_j4125Intel(R) processors which
CVE-2023-31271
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.37%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-28 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC softwarevroc_software
CWE ID-CWE-284
Improper Access Control
CVE-2023-32204
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.11% / 30.81%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-14 Aug, 2024 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-one_boot_flash_updateIntel(R) OFU softwareone_boot_flash_update
CWE ID-CWE-284
Improper Access Control
CVE-2023-29495
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.86%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-09 May, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_mainstream-g_kit_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29161
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.20% / 41.82%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-one_boot_flash_updateIntel(R) OFU software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-28401
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.2||MEDIUM
EPSS-0.07% / 21.10%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-02 Aug, 2024 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsarc_a_graphicsiris_xe_graphicsIntel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28397
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 20.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowslinux_kernelaptio_v_uefi_firmware_integrator_toolsIntel(R) Aptio* V UEFI Firmware Integrator Toolsaptio_v_uefi_firmware_integrator_tools
CWE ID-CWE-284
Improper Access Control
CVE-2023-28737
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 20.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-14 Aug, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowslinux_kernelaptio_v_uefi_firmware_integrator_toolsIntel(R) Aptio* V UEFI Firmware Integrator Toolsaptio_v_uefi_firmware_integrator_tools
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-665
Improper Initialization
CVE-2023-28658
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-15 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_math_kernel_libraryIntel(R) oneMKL software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-28378
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.80%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-02 Aug, 2024 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsquickassist_technology_libraryquickassist_technology_firmwarequickassist_technologyIntel(R) QAT drivers for Windows - HW Version 2.0
CWE ID-CWE-285
Improper Authorization
CVE-2023-28410
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.95%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-18 Mar, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-i915_graphicsIntel(R) i915 Graphics drivers for linux
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28739
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.32%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-07 Jan, 2025 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-chipset_device_softwareIntel(R) Chipset Driver Softwarechipset_driver_software
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-29151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.83%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-platform_service_record_software_development_kitIntel(R) PSR SDK
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-28740
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-15 Oct, 2024 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsquickassist_technology_libraryquickassist_technologyquickassist_technology_firmwareIntel(R) QAT drivers for Windows - HW Version 2.0qat_drivers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-29242
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.64%
||
7 Day CHG~0.00%
Published-12 May, 2023 | 14:01
Updated-24 Jan, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_rendering_toolkitoneapi_base_toolkitoneapi_ai_analytics_toolkitoneapi_dl_framework_developer_toolkitoneapi_hpc_toolkitoneapi_iot_toolkitIntel(R) oneAPI Toolkits
CWE ID-CWE-284
Improper Access Control
CVE-2023-27513
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.20% / 41.82%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-11 Jun, 2025 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_information_retrieval_utilityIntel(R) Server Information Retrieval Utility software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-27506
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.26%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optimization_for_tensorflowIntel(R) Optimization for Tensorflow software
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-27509
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 12.63%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ispc_software_installerIntel(R) ISPC software installers
CWE ID-CWE-284
Improper Access Control
CVE-2023-27519
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-11 Jun, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4800x_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_905poptane_ssd_900poptane_ssd_dc_p4801xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4800xoptane_ssd_905p_firmwareoptane_ssd_900p_firmwareIntel(R) Optane(TM) SSD products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27517
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.08% / 24.70%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-20 Feb, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an athenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nmc2xxd128gpsu4nma1xxd128gpsu4optane_persistent_memory_firmwarenmc2xxd512gpsu4nmb1xxd128gpsufnmb1xxd256gpsu4nmb1xxd128gpsu4nma1xxd512gpsufnma1xxd128gpsufnmc2xxd256gpsu4nmb1xxd512gpsu4nma1xxd256gpsufnmb1xxd256gpsufnmb1xxd512gpsufnma1xxd512gpsu4nma1xxd256gpsu4Intel(R) Optane(TM) PMem softwareoptane_persistent_memory_firmware
CWE ID-CWE-284
Improper Access Control
CVE-2022-46656
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.43%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-45469
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-2.2||LOW
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2002-2059
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.34%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key.

Action-Not Available
Vendor-n/aIntel Corporation
Product-d845pt_motherboardd845bg_motherboardd845wn_motherboardd845hv_motherboardn/a
CVE-2022-45112
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.10%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC software
CWE ID-CWE-284
Improper Access Control
CVE-2022-43475
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.10% / 28.88%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2022-44619
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 34.35%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2022-43456
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-10 Oct, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel(R) RST softwareintel_rst_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2022-43474
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dsp_builderquartus_primeDSP Builder software installer for Intel(R) FPGAs Pro Edition
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-12350
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.33%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:54
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU
CVE-2022-41982
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.07%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-41998
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.50%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-40972
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 27.11%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Windows
CWE ID-CWE-284
Improper Access Control
CVE-2024-38383
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.28%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:11
Updated-04 Feb, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-quartus_primewindowsIntel(R) Quartus(R) Prime Pro Edition software for Windowsquartus_prime_pro
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-41314
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.13%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_controller_e810-cam1ethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-xxvda2_for_ocpethernet_network_adapter_e810-cqda1ethernet_network_controller_e810administrative_tools_for_intel_network_adaptersethernet_network_adapter_e810-cqda1_for_ocpethernet_controller_e810ethernet_network_adapter_e810-cqda2non-volatile_memory_update_utilityethernet_network_controller_e810-xxvam2ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda4ethernet_network_controller_e810-cam2ethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) Network Adapter installer software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-41342
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.05% / 16.33%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 18:58
Updated-27 Jan, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-c\+\+_compilerIntel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-41769
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.05% / 13.71%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-connect_mIntel(R) Connect M Android application
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 12
  • 13
  • Next
Details not found