Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access.
Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access.
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information.
Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.
Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information.
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Insufficient control flow management in firmware for some Intel(R) Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access.
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access.
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Intel Integrated Performance Primitives (aka IPP) Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack.
Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Improper access control in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure via local access.
Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access.
Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access.
Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.
Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
Insufficient memory protection for Intel(R) Ethernet I218 Adapter driver for Windows* 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access.
Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.