Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-0121

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-17 Nov, 2021 | 19:00
Updated At-03 Aug, 2024 | 15:32
Rejected At-
Credits

Improper access control in the installer for some Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10 before version 27.20.100.9466 may allow authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:17 Nov, 2021 | 19:00
Updated At:03 Aug, 2024 | 15:32
Rejected At:
▼CVE Numbering Authority (CNA)

Improper access control in the installer for some Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10 before version 27.20.100.9466 may allow authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10
Versions
Affected
  • before version 27.20.100.9466
Problem Types
TypeCWE IDDescription
textN/Aescalation of privilege
Type: text
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html
x_refsource_MISC
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html
x_refsource_MISC
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:17 Nov, 2021 | 19:15
Updated At:01 Aug, 2022 | 16:14

Improper access control in the installer for some Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10 before version 27.20.100.9466 may allow authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Intel Corporation
intel
>>iris_xe_max_dedicated_graphics>>Versions before 27.20.100.9466(exclusive)
cpe:2.3:a:intel:iris_xe_max_dedicated_graphics:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_10>>-
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.htmlsecure@intel.com
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00566.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2736Records found
CVE-2020-8693
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.74%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:00
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-x710-bm2_firmwarexl710-bm1xxv710-am2_firmwarev710-at2_firmwarexl710-bm1_firmwarexxv710-am1xl710-bm2x710-at2_firmwarexl710-bm2_firmwarexxv710-am2xxv710-am1_firmwarex710-tm4x710-at2x710-bm2v710-at2x710-tm4_firmwareIntel(R) Ethernet 700 Series Controllers
CVE-2020-8687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.14%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rste_software_raidIntel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB Advisory
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8678
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:49
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CVE-2020-8760
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.28%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:08
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-8729
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8692
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 33.22%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:01
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-x710-bm2_firmwarexl710-bm1xxv710-am2_firmwarev710-at2_firmwarexl710-bm1_firmwarexxv710-am1xl710-bm2x710-at2_firmwarexl710-bm2_firmwarexxv710-am2xxv710-am1_firmwarex710-tm4x710-at2x710-bm2v710-at2x710-tm4_firmwareIntel(R) Ethernet 700 Series Controllers
CVE-2020-8743
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mailbox_interface_driverIntel(R) Mailbox Interface driver Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8714
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.94%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:00
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-287
Improper Authentication
CVE-2020-8703
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.81%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:48
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel CorporationSiemens AG
Product-core_i7-7700kcore_i7-8705gcore_i7-8665uz270c627core_i3-8300tcore_i7-7660ucore_i7-8706gcore_i7-1068ng7core_i7-11700fcore_i7-1160g7core_i5-1035g7pentium_gold_g5420core_i7-10850hcore_i7-1185grecore_i7-11375hcore_i5-8400hcore_i7-8700core_i5-10400fc621acore_i5-8400core_i5-7y54core_i3-10300core_i3-7100tcore_i7-7700tcore_i7-10700tcore_i3-1110g4core_i7-8086kceleron_4305ucore_i5-10210usimatic_ipc547g_firmwarecore_i5-8257ucore_i7-8700kcore_i5-10200hpentium_gold_g5400tpentium_gold_g6405tq150core_i5-1035g4core_i3-8145ucore_i5-10400hceleron_4205ucore_i7-11700core_i5-7442eqcore_i3-10100ycore_i3-7020ucore_i5-10400tcore_i3-8109ucore_i7-11370hcore_i5-10310ucore_i7-7600ucore_i9-11900tcore_i9-11900kbcore_i5-10505c246core_i5-1030g7xeon_w-1270core_i3-1000ng4core_i3-7100ecore_i5-11600tcore_i3-7300pentium_gold_4417ucore_i7-11850hcore_i9-11900core_i3-1000g1core_i7-10510ycore_i3-10110ucore_i7-11800hcore_i5_l16g7simatic_field_pg_m6_firmwarec625simatic_ipc477ecore_i5-10400simatic_ipc427e_firmwarexeon_w-1270tecore_i5-8400bcore_i7-7700hqcore_i5-1155g7core_i5-10500tecore_i3-10105fcore_i7-7820hkcore_i3-8100hpentium_gold_4415ypentium_gold_g5620core_i9-11950hxeon_w-1290tcore_i5-11600h110core_i5-10300hpentium_gold_g6505tcore_i5-8350ucore_i9-10980hkcore_i5-7300uq270core_i7-11700tcore_i5-8600xeon_w-11855mcore_i5-8500tcore_i7-10510ucore_i5-7500core_i3-10100ecore_i5-1030ng7core_i3-8100core_i7-1060g7simatic_ipc527gcore_i9-11900hcore_i9-10900h410pentium_gold_g6500txeon_w-10855mcore_i5-7200ucore_i9-11900kcore_i3-10100tsimatic_ipc847e_firmwarecore_i9-8950hksimatic_ipc527g_firmwarecore_i9-10900ecore_i7-7700simatic_field_pg_m5core_i9-10850kcore_i9-10900kcore_i7-7920hqcore_i3-7102eh270core_i5-8600ksimatic_ipc477e_firmwareq470core_i9-10900fpentium_gold_g6400tcore_i5-8400tpentium_gold_g5600tsimatic_field_pg_m6xeon_w-1270pcore_i7-8750hcore_i7-10700simatic_ipc477e_procore_i5-8365ub150core_i3-10100tecore_i9-10910core_i5-7600simatic_ipc647ecore_i3-10105txeon_w-1250ecore_i7-10700fcore_i9-10885hcore_i5-11400tcore_i5-11300hcore_i9-11900kfcore_i3-10325core_i5-1145g7core_i3-1125g4core_i7-10750hq470ecore_i3-7100hcore_i3-8300core_i3-1000g4core_i5-7400tcore_i7-10875hq370core_i3-7100core_i7-8809gcore_i3-8145uecore_i5-7260ucore_i7-8700bcore_i7-8709gsimatic_ipc627ecore_i3-10100pentium_gold_g6505core_i5-7267uxeon_w-1250pcore_i3-1115g4celeron_6305core_i3-8100tcore_i3-8121uh170core_i5-10210yh310core_i5-1140g7core_i7-8557ucore_i5-10500esimatic_ipc547gcore_i7-8700tsimatic_ipc477e_pro_firmwarecore_i5-8300hcore_i5-10600tcore_m3-7y32core_i3-10110ycore_i5-7400core_i5-10600kfcore_i7-8650ucore_i5-11400fc629acore_i7-10700ecore_i5-1145grecore_i3-7320core_i7-1180g7c242pentium_gold_4410ycore_i5-11600kfz370pentium_gold_g5500tcore_i7-11700kfcloud_backupcore_i7-10870hpentium_gold_4415uw480core_i5-1035g1core_i5-1038ng7h420ecore_i5-11500bz170c624mobile_cm246simatic_ipc647e_firmwarex299pentium_gold_6405usimatic_ipc627e_firmwarecore_i5-8500bc627acore_i7-10700kcore_i5-11500tc622core_i7-1185g7core_i7-1165g7core_i7-1195g7core_i5-8269ucore_i5-11600kcore_i7-11390hcore_i5-1030g4core_i7-10700tecore_i5-10500core_i7-11700kcore_i7-10710ucore_i5-7287ucore_i7-10700kfcore_i5-7440eqh370xeon_w-1250texeon_w-1250core_i5-8279uw480exeon_w-1290ecore_i3-7100ucore_i7-8565ucore_i3-7101tecore_i3-7350kcore_i5-11400hcore_i7-11700bcore_i5-7600kcore_i5-8250ucore_i3-10305b365core_i5-7300hqcore_i7-7560uxeon_w-1270epentium_gold_g5420tcore_i7-7820eqcore_i9-11900fcore_i5-8259ucore_i5-7360ucore_i9-11980hkpentium_gold_g5500core_i5-10600kceleron_4305uesimatic_ipc847ecore_i3-8140usimatic_ipc427ecore_m3-8100ycore_i9-10900kfcore_i3-10105core_i3-11100bq170b460simatic_itp1000_firmwarecore_i5-1130g7core_i3-1120g4core_i5-7600tcore_i7-1060ng7core_i7-7500ucore_i7-8550ucore_i5-10310yxeon_w-1290pcore_i5-10500hcore_i5-8260ucore_i5-11320hpentium_gold_4425yb250core_i7-10810upentium_gold_g6500core_i3-1115grecore_i7-8850hcore_i5-11500hcore_i3-7130ucore_i7-10610usimatic_itp1000xeon_w-11955mcore_i3-10100fcore_i3-7167upentium_gold_g6400ecore_i7-8500ycore_i7-7567uc629pentium_gold_7505b360core_i5-10600c621core_i5-11260hsimatic_field_pg_m5_firmwarecore_i3-1115g4epentium_gold_g6400core_i7-7820hqcore_i5-8210ycore_m3-7y30core_i3-7300tcore_i5-8365uecore_i7-8665uexeon_w-1290celeron_6305ecore_i5-1145g7exeon_w-10885mcore_i3-10320core_i9-10900tcore_i5-8200ypentium_gold_g5400simatic_ipc677ecore_i3-10300tcore_i3-7101ecore_i5-8310yxeon_w-1290tecore_i5-1135g7core_i5-11500core_i5-8500c626core_i5-7440hqpentium_gold_g6600core_i7-8569uq250z490core_i5-8265ucore_i5-10500tpentium_gold_g6605core_i7-1185g7econverged_security_and_manageability_enginecore_i3_l13g4pentium_gold_5405ucore_i7-7y75core_i3-1005g1pentium_gold_g6405core_i3-8100bcore_i5-7y57simatic_ipc677e_firmwarecore_i3-10305tcore_i3-8350kcore_i5-11400core_i5-8600tcore_i5-7500tcore_i5-8305gcore_i7-1065g7core_i7-8559ucore_i9-10900tepentium_gold_g6400tez390core_i3-8130uc420h470pentium_gold_6500yc628pentium_gold_g5600Intel(R) CSME versions
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-8730
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:24
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8763
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-realsense_d435_firmwarerealsense_d415_firmwarerealsense_d435i_firmwarewindows_10Intel(R) RealSense(TM) D400 Series Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8756
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.25%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_manageability_engineIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8718
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 40.19%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:43
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8765
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.67%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:57
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_camera_f200realsense_camera_sr300realsense_camera_r200realsense_depth_camera_managerIntel(R) RealSense(TM) DCM
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2000-0933
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-2.47% / 84.65%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000n/a
CVE-2020-8737
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.25% / 47.71%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:02
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-stratix_10_fpgastratix_10_fpga_firmwarequartus_primeIntel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software
CVE-2020-8750
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.60%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engineIntel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2020-8676
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.72%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:00
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-visual_compute_accelerator_2_firmwarevisual_compute_accelerator_2versions
CVE-2024-21831
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.86%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-processor_diagnostic_toolIntel(R) Processor Diagnostic Tool softwareprocessor_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-1149
Matching Score-8
Assigner-Snow Software
ShareView Details
Matching Score-8
Assigner-Snow Software
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.30%
||
7 Day CHG~0.00%
Published-08 Feb, 2024 | 13:01
Updated-15 May, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper validation of update packages

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.

Action-Not Available
Vendor-snowsoftwareSnow SoftwareMicrosoft CorporationLinux Kernel Organization, IncApple Inc.
Product-snow_inventory_agentmacoswindowslinux_kernelInventory Agent
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2023-28743
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.24%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version QN0073 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_9_pro_kit_nuc9v7qnbnuc_9_pro_compute_element_nuc9v7qnbnuc_9_pro_compute_element_nuc9v7qnxnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_9_pro_kit_nuc9v7qnb_firmwarenuc_pro_compute_element_nuc9v7qnx_firmwarenuc_9_pro_kit_nuc9v7qnxIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-1999-0824
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.27% / 50.32%
||
7 Day CHG~0.00%
Published-25 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_ntn/a
CVE-1999-0376
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.31% / 53.29%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_ntn/a
CVE-2022-29104
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.90% / 82.48%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 20:34
Updated-02 Jan, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Print Spooler Elevation of Privilege Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2019windows_server_2008Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows Server 2012 (Server Core installation)Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)
CVE-2018-12174
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.11%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 14:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-parallel_studio_xeIntel Parallel Studio XE 2018
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12190
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 33.62%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1256
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.40% / 79.62%
||
7 Day CHG~0.00%
Published-11 Sep, 2019 | 21:24
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)
CVE-2018-12162
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-openvino_toolkitIntel(R) OpenVINO(TM) Toolkit for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12196
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 37.34%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12221
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21446
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 16:57
Updated-03 May, 2025 | 00:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NTFS Elevation of Privilege Vulnerability

NTFS Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2016Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows 10 Version 21H2Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-591
Sensitive Data Storage in Improperly Locked Memory
CVE-2019-11157
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.33% / 55.28%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:12
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1501m_firmwarecore_i3-9100_firmwarexeon_e3-1235lcore_i3-6300core_i5-1035g7core_i5-6585rcore_i3-6100e_firmwarecore_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e-2124g_firmwarecore_i7-9700kfcore_i5-8305g_firmwarecore_i5-7500_firmwarecore_i5-8400hcore_i5-7y54xeon_e3-1535m_firmwarecore_i7-1060g7_firmwarecore_i7-9700core_i7-6650u_firmwarexeon_e-2226gxeon_e3-1268lcore_i5-1035g4core_i3-8145ucore_i7-6822eqcore_i5-9600_firmwarecore_i5-9600t_firmwarecore_i7-6700tecore_i3-7020uxeon_e3-1285_firmwarecore_i7-6567u_firmwarecore_i7-9700tecore_i3-8109uxeon_e3-1565l_firmwarecore_i7-7600ucore_i5-9400f_firmwarexeon_e-2224core_i5-7y57_firmwarecore_i7-9700f_firmwarecore_i3-6100t_firmwarecore_i5-9500e_firmwarecore_i3-7100e_firmwarecore_i3-7100ecore_i3-7300xeon_e3-1275_firmwarecore_i5-6442eq_firmwarecore_i5-8269u_firmwarecore_i3-6098pxeon_e3-1268l_firmwarecore_i5-6287u_firmwarexeon_e-2134_firmwarexeon_e3-1578l_firmwarecore_i3-9100hlcore_i5-6600kcore_i7-7600u_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e3-1285core_i7-10710u_firmwarecore_i5-6500te_firmwarecore_i7-7820hkcore_i5-9500_firmwarecore_i5-8400h_firmwarecore_i7-6970hqcore_i3-9100tecore_i7-9700fxeon_e3-1225core_i5-8600xeon_e-2136core_i7-10510ucore_i7-9700kcore_i5-9400_firmwarecore_i7-8500y_firmwarecore_i5-6402pcore_i3-8100core_i7-1060g7xeon_e3-1545mxeon_e3-1270_firmwarecore_i5-6600t_firmwarecore_i3-7300_firmwarecore_i5-7287u_firmwarecore_i7-7700core_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kcore_i7-8700k_firmwarexeon_e-2124_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hcore_i5-8365ucore_i5-9600kfcore_i5-8500b_firmwarecore_i3-7100u_firmwarecore_i3-6100h_firmwarecore_i5-7600core_i5-1030g4_firmwarecore_i7-9850he_firmwarecore_i7-8557u_firmwarecore_i7-7820eq_firmwarexeon_e-2276gcore_i3-8300core_i3-1000g4xeon_e-2186gcore_i5-7400tcore_i5-7267u_firmwarexeon_e3-1535mxeon_e3-1505m_firmwarexeon_e-2174gcore_i3-7100core_i7-8809gcore_i3-8145uecore_i5-7260ucore_i7-8700bcore_i7-7500u_firmwarecore_i5-7267ucore_i5-10210ycore_i7-7820hk_firmwarecore_i7-6560ucore_i5-9400txeon_e3-1505lcore_i5-10210u_firmwarecore_i5-9500fcore_i5-8600t_firmwarecore_i5-8300hcore_i7-9850hecore_i3-10110ycore_i3-7300t_firmwarecore_i5-6600_firmwarecore_i3-6006u_firmwarecore_i5-9600xeon_e3-1565lcore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i3-9100fxeon_e3-1260lcore_i5-9600kf_firmwarexeon_e-2224_firmwarecore_i7-9750hfcore_i5-9300h_firmwarecore_i3-6167uxeon_e-2274gcore_i3-9320_firmwarecore_i5-9500core_i3-8145ue_firmwarecore_i5-8400b_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarexeon_e3-1240_firmwarecore_i7-6500ucore_i7-6500u_firmwarexeon_e-2124core_i5-7287ucore_i7-10710ucore_i5-8500t_firmwarexeon_e3-1558lcore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_e-2136_firmwarexeon_e-2276g_firmwarecore_i5-6300ucore_i7-8565ucore_i5-7300hq_firmwarexeon_e-2274g_firmwarexeon_e3-1245core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560ucore_i5-6600k_firmwarecore_i3-6100hcore_i5-7400t_firmwarecore_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259ucore_i3-6098p_firmwarecore_i7-10510y_firmwarecore_i7-9850hl_firmwarexeon_e-2146g_firmwarecore_i7-8850h_firmwarecore_i7-6700hqcore_i7-9700kf_firmwarecore_i7-9850h_firmwarecore_i5-6350hqxeon_e3-1515m_firmwarecore_i7-6660u_firmwarecore_i3-7100_firmwarecore_i5-7600tcore_i3-6100te_firmwarecore_i5-6350hq_firmwarexeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_e-2224gxeon_e3-1505mcore_i3-9100tcore_i5-8310y_firmwarecore_i5-6400_firmwarecore_i7-6650ucore_i5-9300hxeon_e3-1240core_i3-7167u_firmwarecore_i7-8559u_firmwarecore_i7-8086k_firmwarecore_i5-6585r_firmwarecore_i5-1035g1_firmwarecore_i7-8665u_firmwarecore_i3-7167ucore_i3-6100txeon_e-2176g_firmwarecore_i7-8500ycore_i5-9400hcore_i7-7567uxeon_e3-1240l_firmwarecore_i3-8145u_firmwarecore_i7-9700e_firmwarecore_i7-7660u_firmwarecore_i7-7820hqcore_i5-6260u_firmwarecore_i5-8210ycore_i7-8750h_firmwarecore_i3-7300tcore_i3-6100ecore_i3-8300t_firmwarecore_i3-8109u_firmwarexeon_e3-1280core_i5-7400_firmwarexeon_e3-1260l_firmwarecore_i7-9700k_firmwarexeon_e-2288g_firmwarecore_i5-7y54_firmwarecore_i3-9100f_firmwarexeon_e-2246g_firmwarecore_i7-6567uxeon_e-2174g_firmwarecore_i3-7101ecore_i3-8100b_firmwarecore_i5-8500core_i7-6870hq_firmwarecore_i5-7600_firmwarecore_i5-9500te_firmwarecore_i5-6267u_firmwarecore_i5-8265ucore_i5-6300hqcore_i7-9750hcore_i5-6440hqcore_i7-7y75core_i7-7560u_firmwarexeon_e-2286g_firmwarecore_i7-6700core_i5-7y57core_i3-8350kcore_i5-7500tcore_i3-9100core_i5-9600k_firmwarexeon_e-2224g_firmwarecore_i3-6102e_firmwarexeon_e3-1230_firmwarecore_i7-7700kcore_i7-8705gcore_i7-8665ucore_i5-9500ecore_i3-8300tcore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i7-8706gxeon_e-2236core_i7-8700t_firmwarecore_i3-6006uxeon_e-2236_firmwarexeon_e-2126g_firmwarecore_i7-8700xeon_e3-1501lcore_i5-8259u_firmwarecore_i3-6300tcore_i7-8665ue_firmwarecore_i3-7130u_firmwarecore_i5-8400core_i7-8705g_firmwarecore_i3-7100tcore_i7-7700tcore_i7-8086kcore_i5-7260u_firmwarecore_i5-10210ucore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqcore_i5-8257ucore_i5-8365ue_firmwarecore_i7-8700kcore_i5-8600k_firmwarecore_i5-7200u_firmwarecore_i5-7442eqcore_i7-10510u_firmwarexeon_e-2134xeon_e3-1545m_firmwarexeon_e-2226g_firmwarexeon_e3-1515mcore_i5-1030g7core_i5-7442eq_firmwarecore_i5-10310y_firmwarecore_i7-8569u_firmwarexeon_e-2144g_firmwarecore_i3-1000g1core_i7-10510ycore_i5-7360u_firmwarecore_i3-10110ucore_i5-8210y_firmwarecore_i5-6442eqcore_i3-9100e_firmwarecore_i5-9600kcore_i3-6300_firmwarecore_i7-7700hqcore_i3-9100hl_firmwarecore_i3-8100hcore_i3-9100t_firmwarexeon_e3-1225_firmwarecore_i7-6870hqcore_i5-8350ucore_i3-1005g1_firmwarecore_i5-7300ucore_i5-6440hq_firmwarexeon_e-2246gcore_i5-8500tcore_i5-7500core_i5-6400core_i5-7200ucore_i5-8350u_firmwarecore_i7-8700b_firmwarexeon_e-2104g_firmwarecore_i3-6320_firmwarecore_i7-6820hq_firmwarecore_i7-7920hqxeon_e3-1575m_firmwarecore_i5-9300hf_firmwarecore_i5-8400tcore_i3-9300_firmwarexeon_e3-1578lcore_i3-6100_firmwarecore_i3-9100te_firmwarecore_i7-6660ucore_i3-7350k_firmwarexeon_e3-1240lcore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_e3-1220_firmwarecore_i5-6500t_firmwarecore_i3-9300xeon_e3-1501l_firmwarexeon_e-2244gcore_i3-9350kf_firmwarexeon_e-2176gcore_i7-8709gcore_i5-6685r_firmwarecore_i7-7y75_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarecore_i5-9400core_i3-8100txeon_e-2104gcore_i5-6500tcore_i5-6260ucore_i7-6700k_firmwarecore_i7-8557ucore_i5-9500tcore_i5-7500t_firmwarecore_i7-6820hk_firmwarecore_i7-8700tcore_i7-6820hqcore_i5-7400xeon_e3-1501mcore_i7-8650uxeon_e3-1585_firmwarecore_i3-7102e_firmwarexeon_e3-1245_firmwarecore_i5-6600core_i3-7320core_i7-6700tcore_i7-6920hqcore_i7-9750h_firmwarecore_i3-6167u_firmwarexeon_e3-1585core_i3-6100ucore_i7-6700_firmwarexeon_e-2234_firmwarecore_i5-1035g1xeon_e3-1280_firmwarecore_i7-8565u_firmwarecore_i7-6822eq_firmwarexeon_e-2186g_firmwarecore_i5-1035g4_firmwarecore_i3-10110y_firmwarecore_i5-8500bcore_i5-7600t_firmwarexeon_e-2124gcore_i5-8269ucore_i5-6402p_firmwarecore_i3-6157ucore_i5-7440hq_firmwarecore_i5-1030g4core_i5-6300hq_firmwarexeon_e-2288gcore_i3-9100exeon_e-2234core_i7-8709g_firmwarecore_i3-6320core_i7-6700kcore_i7-9850hcore_i7-9700t_firmwarecore_i5-9400fcore_i7-6820eq_firmwarecore_i5-7440eqcore_i5-8279ucore_i5-8279u_firmwarecore_i3-8130u_firmwarecore_i5-9500f_firmwarecore_i5-6400tcore_i5-9300hfcore_i3-7100ucore_i5-10210y_firmwarecore_i3-7101tecore_i3-7350kcore_i5-7600kcore_i5-8250ucore_i3-1000g4_firmwarexeon_e-2126gcore_i7-6920hq_firmwarecore_i7-9700tcore_i3-7100t_firmwarecore_i7-7820eqxeon_e3-1275core_i7-9850hlcore_i5-7360ucore_i5-6500core_i7-8650u_firmwarexeon_e3-1235l_firmwarecore_i3-6157u_firmwarecore_i3-9350kfcore_i7-6785r_firmwarecore_i5-6200ucore_i7-6700hq_firmwarecore_i7-7700k_firmwarecore_i5-8250u_firmwarecore_i7-7567u_firmwarecore_i7-9700ecore_i3-7320_firmwarecore_i5-8400_firmwarecore_i7-6970hq_firmwarecore_i7-6785rcore_i7-7700hq_firmwarecore_i7-6820hkcore_i5-7440eq_firmwarecore_i3-1000g1_firmwarecore_i7-9750hf_firmwarecore_i5-10310ycore_i5-8400t_firmwarexeon_e-2286gcore_i3-6102ecore_i5-6400t_firmwarecore_i5-8365u_firmwarecore_i7-6700te_firmwarecore_i5-6600tcore_i3-9300txeon_e-2244g_firmwarecore_i5-6360u_firmwarecore_i3-8100h_firmwarexeon_e-2278gcore_i7-8850hcore_i3-7130ucore_i5-8265u_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7-6820eqcore_i7-1065g7_firmwarexeon_e3-1558l_firmwarecore_i5-6500tecore_i5-8257u_firmwarecore_i3-9350kcore_i5-8500_firmwarecore_i5-8365uecore_i7-8665uecore_i5-6300u_firmwarecore_i7-8809g_firmwarexeon_e3-1575mxeon_e3-1230core_i5-6685rcore_i7-7700t_firmwarecore_i5-1030g7_firmwarecore_i5-9400h_firmwarecore_i5-8200ycore_i3-6100core_i5-8310ycore_i3-10110u_firmwarecore_i5-9500tecore_i5-7440hqcore_i5-6360uxeon_e-2144gxeon_e3-1505l_firmwarecore_i5-9500t_firmwarecore_i3-6300t_firmwarecore_i7-8569ucore_i7-9700te_firmwarecore_i7-7700_firmwarecore_i7-6770hq_firmwarecore_i5-6267ucore_i3-1005g1core_i3-8100bcore_i5-9600tcore_i3-7101e_firmwarecore_i3-7020u_firmwarecore_i3-9320core_i5-6440eqcore_i5-6440eq_firmwarecore_i5-8600tcore_i5-8305gcore_i7-1065g7core_i5-9400t_firmwarecore_i7-8559ucore_i7-9700_firmwarecore_i3-6100texeon_e-2146gcore_i3-8130uxeon_e3-1270xeon_e3-1585l_firmwarexeon_e3-1585lIntel(R) Processors
CVE-2018-12175
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 03:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.

Action-Not Available
Vendor-Intel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python 2018
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-12208
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.40% / 59.96%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-server_platform_services_firmwareconverged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12223
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 13.37%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Driver for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-12169
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.06% / 17.19%
||
7 Day CHG-0.00%
Published-21 Sep, 2018 | 20:00
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.

Action-Not Available
Vendor-n/aLenovo Group LimitedIntel Corporation
Product-thinkpad_x380_yogathinkpad_t470thinkpad_t25thinkpad_t480sthinkpad_t570thinkpad_l380thinkpad_t580core_i3thinkpad_p51sthinkpad_x1_yogathinkpad_x1_carbonthinkpad_x1_tabletcore_i5thinkpad_e480thinkpad_l380_yogathinkpad_p51thinkpad_p52thinkpad_l480thinkpad_l580thinkpad_11ethinkpad_p72thinkpad_t470sthinkpad_x270thinkpad_t470pthinkpad_e580core_i7thinkpad_x280thinkpad_p71core_i9thinkpad_t480thinkpad_yoga_370thinkpad_p52sn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-12152
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-1.83% / 82.16%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 18:00
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel Graphics Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12185
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.16% / 37.00%
||
7 Day CHG~0.00%
Published-14 Mar, 2019 | 20:00
Updated-16 Sep, 2024 | 22:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Action-Not Available
Vendor-Intel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6773
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.78%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 14:37
Updated-06 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges

Action-Not Available
Vendor-n/aMicrosoft CorporationSplunk LLC (Cisco Systems, Inc.)
Product-windowssplunkn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-12160
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 10.13%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

Action-Not Available
Vendor-Intel Corporation
Product-data_migration_softwareIntel(R) Data Migration Software
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11087
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.74%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12177
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-wireless-ac_9560dual_band_wireless-ac_8265_desktop_kitwireless-n_7265_\(rev_c\)dual_band_wireless-n_7260dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8265dual_band_wireless-ac_7260wireless-ac_9462tri-band_wireless-ac_18260dual_band_wireless-ac_7265\(rev_c\)wireless-ac_9461dual_band_wireless-ac_3160tri-band_wireless-ac_17265proset\/wireless_softwarewireless-n_7260dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless-n_7265_\(rev_d\)dual_band_wireless-ac_7260_for_desktopdual_band_wireless-n_7265_\(rev_c\)tri-band_wireless-ac_18265dual_band_wireless-n_7265_\(rev_d\)Intel(R) PROSet/Wireless WiFi Software
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-25145
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.23%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 22:19
Updated-05 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro IncorporatedMicrosoft Corporation
Product-apex_onewindowsTrend Micro Apex One
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-24297
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.72%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi30l_firmwarenuc11dbbi7_firmwarenuc_9_pro_compute_element_nuc9vxqnb_firmwarenuc_11_pro_kit_nuc11tnki7nuc11pa_firmwarenuc8i3cysnnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_11_compute_element_cm11ebi58w_firmwarenuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_8_compute_element_cm8pcbnuc_8_compute_element_cm8pcb_firmwarelapkc71fnuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_board_nuc11tnbi7nuc_11_compute_element_cm11ebc4w_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnki5nuc_kit_nuc8i5benuc8i3cysmlapbc710nuc_11_pro_kit_nuc11tnhi50znuc_8_compute_element_cm8i3cbnuc8i3cysn_firmwarenuc_kit_nuc8i5be_firmwarenuc11pahnuc_11_pro_board_nuc11tnbi30z_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_compute_element_cm8ccbnuc11dbbi9_firmwarenuc_11_pro_board_nuc11tnbi5nuc_9_pro_compute_element_nuc9v7qnblapbc710_firmwarelapkc51enuc_11_pro_kit_nuc11tnki3nuc_11_pro_kit_nuc11tnki70znuc_8_compute_element_cm8i7cblapkc71f_firmwarenuc_11_enthusiast_kit_nuc11phki7cnuc11panuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50lnuc_8_compute_element_cm8i7cb_firmwarenuc9i9qnnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi50w_firmwarelapbc510_firmwarenuc_11_compute_element_cm11ebi716wnuc_11_pro_kit_nuc11tnki30znuc_kit_nuc8i3b_firmwarenuc11btmi9nuc11btmi7nuc9i7qnnuc9i7qn_firmwarenuc_8_compute_element_cm8i5cb_firmwarenuc_11_compute_element_cm11ebi38w_firmwarenuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi70znuc9i5qn_firmwarenuc_kit_nuc8i7be_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc8i3cysm_firmwarelapkc71e_firmwarenuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnki50z_firmwarenuc11paq_firmwarenuc_11_pro_board_nuc11tnbi3_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_kit_nuc8i3bnuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caanuc11btmi9_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnhi3nuc_11_enthusiast_kit_nuc11phki7c_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_kit_nuc11tnhi7nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_kit_nuc11tnki5_firmwarelapbc510nuc_11_pro_kit_nuc11tnki3_firmwarenuc_8_compute_element_cm8i5cbnuc_11_pro_kit_nuc11tnhi70q_firmwarenuc11pah_firmwarenuc_8_compute_element_cm8i3cb_firmwarelapkc51e_firmwarenuc_11_compute_element_cm11ebi716w_firmwarenuc11paqnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_11_pro_kit_nuc11tnki70z_firmwarenuc_9_pro_kit_nuc9v7qnxnuc_11_compute_element_cm11ebi58wnuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_compute_element_cm11ebc4wnuc11dbbi9nuc11btmi7_firmwarenuc_11_pro_kit_nuc11tnhi50wnuc_kit_nuc8i7benuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_8_compute_element_cm8ccb_firmwarenuc_11_enthusiast_mini_pc_nuc11phki7caa_firmwarenuc9i5qnnuc11dbbi7nuc9i9qn_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_9_pro_compute_element_nuc9vxqnblapkc71enuc_11_compute_element_cm11ebi38wIntel(R) NUCs
CVE-2023-23417
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.48% / 63.96%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-01 Jan, 2025 | 00:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Partition Management Driver Elevation of Privilege Vulnerability

Windows Partition Management Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2016Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-28421
Matching Score-8
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-8
Assigner-CA Technologies - A Broadcom Company
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-23 Nov, 2020 | 15:43
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.

Action-Not Available
Vendor-n/aMicrosoft CorporationBroadcom Inc.
Product-windowsunified_infrastructure_managementCA Unified Infrastructure Management
CVE-2023-21768
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-71.81% / 98.67%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_11Windows Server 2022Windows 11 version 22H2Windows 11 version 21H2
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2018-0846
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 54.87%
||
7 Day CHG-0.51%
Published-15 Feb, 2018 | 02:00
Updated-16 Sep, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Common Log File System Driver Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0844.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_server_1709windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Common Log File System
CVE-2018-0828
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.95% / 75.35%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 02:00
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2018-0958
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 61.16%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 19:00
Updated-05 Aug, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-8129, CVE-2018-8132.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 ServersWindows 10Windows Server 2016
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 54
  • 55
  • Next
Details not found