Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-26024

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Nov, 2022 | 15:49
Updated At-29 Jan, 2025 | 20:45
Rejected At-
Credits

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Nov, 2022 | 15:49
Updated At:29 Jan, 2025 | 20:45
Rejected At:
▼CVE Numbering Authority (CNA)

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN
Default Status
unaffected
Versions
Affected
  • before version 1.78.2.0.7
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-281CWE-281 Improper Preservation of Permissions
Type: CWE
CWE ID: CWE-281
Description: CWE-281 Improper Preservation of Permissions
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Nov, 2022 | 16:15
Updated At:29 Jan, 2025 | 21:15

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Intel Corporation
intel
>>nuc7i3dnbe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i3dnbe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnbe>>-
cpe:2.3:h:intel:nuc7i3dnbe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnhe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i3dnhe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnhe>>-
cpe:2.3:h:intel:nuc7i3dnhe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnhnc_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i3dnhnc_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnhnc>>-
cpe:2.3:h:intel:nuc7i3dnhnc:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnke_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i3dnke_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnke>>-
cpe:2.3:h:intel:nuc7i3dnke:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnktc_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i3dnktc_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i3dnktc>>-
cpe:2.3:h:intel:nuc7i3dnktc:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnbe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i5dnbe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnbe>>-
cpe:2.3:h:intel:nuc7i5dnbe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnhe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i5dnhe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnhe>>-
cpe:2.3:h:intel:nuc7i5dnhe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnke_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i5dnke_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i5dnke>>-
cpe:2.3:h:intel:nuc7i5dnke:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnbe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i7dnbe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnbe>>-
cpe:2.3:h:intel:nuc7i7dnbe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnhe_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i7dnhe_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnhe>>-
cpe:2.3:h:intel:nuc7i7dnhe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnke_firmware>>Versions before 1.78.2.0.7(exclusive)
cpe:2.3:o:intel:nuc7i7dnke_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc7i7dnke>>-
cpe:2.3:h:intel:nuc7i7dnke:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-281Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-281
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.htmlsecure@intel.com
Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
Source: secure@intel.com
Resource:
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

568Records found
CVE-2022-27229
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 26.32%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_7_business_nuc7i3dnktcnuc_7_business_nuc7i3dnhncnuc_7_business_nuc7i5dnkpunuc_kit_nuc7i5dnhenuc_kit_nuc7i3dnhenuc_kit_nuc7i5dnkenuc_kit_nuc7i7dnhehdmi_firmwarenuc_7_business_nuc7i5dnkpcnuc_kit_nuc7i3dnkenuc_kit_nuc7i7dnkeIntel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool softwarenuc_kit_nuc7i5dnhenuc_kit_nuc7i3dnhenuc_hdmi_firmware_update_toolnuc_kit_nuc7i7dnhenuc_kit_nuc7i5dnkenuc_kit_nuc7i3dnkenuc_kit_nuc7i7dnke
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-27170
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.05% / 16.82%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_software_development_kitIntel(R) Media SDK software
CVE-2022-26425
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_collective_communications_libraryIntel(R) oneAPI Collective Communications Library (oneCCL) for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26512
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-fpga_add-onIntel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-27493
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 28.89%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 20:04
Updated-18 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510lapbc710_firmwarelapbc510_firmwarelapbc710Intel(R) NUC Laptop Kits
CWE ID-CWE-665
Improper Initialization
CVE-2022-25905
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_data_analytics_libraryIntel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25992
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 23.88%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi-cliIntel(R) oneAPI Toolkits oneapi-cli
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-26052
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library for Intel(R) oneAPI HPC Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25966
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:47
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-edge_insights_for_industrialIntel(R) Edge Insights for Industrial software
CVE-2024-22379
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.20%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Inspector softwareinspectorhpc_toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25999
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:56
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-enpirion_digital_power_configurator_guiversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25841
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:56
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-datacenter_group_eventversion
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26086
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-gametechdev_presentmonPresentMon software maintained by Intel(R)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26062
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector for Intel(R) oneAPI HPC Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26028
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-29 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26076
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_deep_neural_networkIntel(R) oneAPI Deep Neural Network (oneDNN)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26124
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.40%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_8_rugged_board_nuc8cchbn_firmwarenuc_8_rugged_board_nuc8cchbnnuc_board_nuc8cchbnuc_board_nuc8cchb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_8_rugged_kit_nuc8cchkr_firmwarenuc_8_rugged_kit_nuc8cchkrnIntel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25864
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.38%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_math_kernel_libraryIntel(R) oneMKL software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-26032
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_for_pythonIntel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21807
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:52
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21812
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:47
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hardware_accelerated_execution_managerIntel(R) HAXM software
CVE-2022-21220
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2022-21181
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.72%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dual_band_wireless-ac_8265wireless-ac_9461wireless-ac_9462wireless-ac_9560_firmwarewireless-ac_9260_firmwarewireless-ac_9260dual_band_wireless-ac_8260wireless-ac_9462_firmwaredual_band_wireless-ac_8265_firmwarekiller_ac_1550_firmwaredual_band_wireless-ac_8260_firmwarewireless-ac_9461_firmwarewireless-ac_9560killer_ac_1550Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisorIntel(R) Advisor software
CVE-2022-21162
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 31.72%
||
7 Day CHG+0.02%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_hdmi_firmware_update_toolIntel(R) HDMI Firmware Update tool for NUC
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21174
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CVE-2022-21163
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.4||HIGH
EPSS-0.14% / 32.90%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-crypto_api_toolkit_for_intel_sgxCrypto API Toolkit for Intel(R) SGX
CVE-2022-21204
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.16%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-21229
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG-0.09%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapqc71clapqc71blapqc71acontrol_centerlapqc71dIntel(R) NUC 9 Extreme Laptop Kit drivers
CVE-2022-21148
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.61%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:47
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-edge_insights_for_industrialIntel(R) Edge Insights for Industrial software
CVE-2022-33963
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.74%
||
7 Day CHG-0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-unitesoftware installer for Intel(R) Unite(R) Client software for Windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-22376
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 13.08%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-installation software for Intel(R) Ethernet Adapter Driver Packethernet_adapter_complete_driver_pack
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21769
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 13.08%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Ethernet Connection I219-LM install softwareethernet_complete_driver_pack
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21831
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.65% / 71.06%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-processor_diagnostic_toolIntel(R) Processor Diagnostic Tool softwareprocessor_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21861
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21857
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.05% / 14.06%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) oneAPI Compiler softwareoneapi_compiler_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21772
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 24.85%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitadvisorIntel(R) Advisor softwareoneapi_base_toolkitadvisor
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21818
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.20%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) PCM softwarepcm
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21766
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 7.99%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) oneAPI Math Kernel Library softwareoneapi_math_kernel_library
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21837
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.21% / 43.08%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Jan, 2025 | 17:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Lite Edition Design softwarequartus_prime_lite_edition_design_softwareprime_pro_edition_designquartus_prime_standard_edition_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21862
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.21% / 43.08%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Jan, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Standard Edition Design softwarequartus_prime_standard_edition_design_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21835
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.48%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-01 Aug, 2024 | 22:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU softwareextreme_tuning_utility
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-21788
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.10%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21784
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.06% / 19.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-27 Aug, 2025 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_performance_primitives_cryptographyoneapi_base_toolkitIntel(R) IPP Cryptography softwareipp_cryptography
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21843
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.20%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Computing Improvement Program softwarecomputing_improvement_program
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-1598
Matching Score-8
Assigner-Phoenix Technologies, Inc.
ShareView Details
Matching Score-8
Assigner-Phoenix Technologies, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.64%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 14:56
Updated-25 Sep, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before 4.1.0.567.

Action-Not Available
Vendor-phoenixtechPhoenixphoenixIntel Corporation
Product-securecore_technologyceleron_n4020SecureCore™ for Intel Gemini Lakesecurecore_technology
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-0196
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:48
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in kernel mode driver for some Intel(R) NUC 9 Extreme Laptop Kits before version 2.2.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapqc71alapqc71dlapqc71c_firmwarelapqc71clapqc71d_firmwarelapqc71blapqc71a_firmwarelapqc71b_firmwareIntel(R) NUC 9 Extreme Laptop Kits
CVE-2021-0190
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.18%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e5-2650l_v4xeon_e5-1607_v4_firmwarexeon_e5-2689_v4xeon_e5-1650_v4_firmwarexeon_e5-2630l_v4xeon_e5-2699_v4_firmwarexeon_e5-4640_v4_firmwarexeon_e5-2637_v4_firmwarexeon_e5-2660_v4_firmwarexeon_e5-4669_v4_firmwarexeon_e5-4667_v4xeon_e5-2603_v4_firmwarexeon_e5-2697a_v4xeon_e5-4628l_v4xeon_e5-2687w_v4xeon_e5-2637_v4core_i9-10980xe_firmwarexeon_e5-1650_v4xeon_e5-1620_v4xeon_e5-4669_v4xeon_e5-2689_v4_firmwarexeon_e5-2630_v4_firmwarexeon_e5-2609_v4_firmwarexeon_e5-4610a_v4xeon_e5-2623_v4xeon_e5-2699r_v4_firmwarexeon_e5-2679_v4xeon_e5-4640_v4xeon_e5-2628l_v4xeon_e5-2650_v4xeon_e5-2650_v4_firmwarexeon_e5-4660_v4_firmwarexeon_e5-2630l_v4_firmwarexeon_e5-2687w_v4_firmwarecore_i9-10980xexeon_e5-2690_v4_firmwarexeon_e5-2608l_v4xeon_e5-4650_v4xeon_e5-2697_v4xeon_e5-2660_v4xeon_e5-4610_v4xeon_e5-2680_v4_firmwarexeon_e5-2658_v4_firmwarexeon_e5-4627_v4_firmwarexeon_e5-2658_v4xeon_e5-2679_v4_firmwarexeon_e5-1630_v4_firmwarexeon_e5-2648l_v4_firmwarexeon_e5-4650_v4_firmwarexeon_e5-2667_v4xeon_e5-1680_v4_firmwarexeon_e5-2695_v4_firmwarexeon_e5-4620_v4_firmwarecore_i9-10900x_firmwarexeon_e5-4655_v4_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-4627_v4xeon_e5-2630_v4xeon_e5-1603_v4_firmwarexeon_e5-1630_v4xeon_e5-4610_v4_firmwarexeon_e5-2620_v4core_i9-10920x_firmwarexeon_e5-2609_v4core_i9-10940xxeon_e5-1660_v4xeon_e5-4628l_v4_firmwarexeon_e5-1680_v4xeon_e5-2698_v4_firmwarexeon_e5-2683_v4_firmwarexeon_e5-2618l_v4_firmwarecore_i9-10900xxeon_e5-1607_v4xeon_e5-2643_v4_firmwarexeon_e5-2695_v4xeon_e5-2623_v4_firmwarexeon_e5-2690_v4xeon_e5-2650l_v4_firmwarexeon_e5-2699r_v4core_i9-10940x_firmwarecore_i9-10920xxeon_e5-2699a_v4_firmwarexeon_e5-2640_v4_firmwarexeon_e5-2667_v4_firmwarexeon_e5-2699a_v4xeon_e5-2618l_v4xeon_e5-4667_v4_firmwarexeon_e5-1660_v4_firmwarexeon_e5-2648l_v4xeon_e5-4620_v4xeon_e5-4610a_v4_firmwarexeon_e5-2643_v4xeon_e5-2683_v4xeon_e5-2699_v4xeon_e5-2628l_v4_firmwarexeon_e5-2603_v4xeon_e5-4660_v4xeon_e5-2697_v4_firmwarexeon_e5-2698_v4xeon_e5-1620_v4_firmwarexeon_e5-1603_v4xeon_e5-2620_v4_firmwarexeon_e5-2640_v4xeon_e5-2680_v4xeon_e5-4655_v4xeon_e5-2697a_v4_firmwareIntel(R) Processors
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-0188
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.30%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5xeon_e3-1235l_v5_firmwarexeon_e3-1260l_v5_firmwarexeon_e3-1240l_v5xeon_e3-1575m_v5xeon_e3-1240_v6_firmwarexeon_e3-1220_v5xeon_e3-1505m_v5_firmwarexeon_e3-1578l_v5_firmwarexeon_e3-1268l_v5xeon_e3-1230_v6xeon_e3-1285_v6_firmwarexeon_e3-1501l_v6xeon_e3-1505m_v5xeon_e3-1220_v5_firmwarexeon_e3-1240_v5xeon_e3-1585l_v5_firmwarexeon_e3-1585_v5xeon_e3-1535m_v6xeon_e3-1535m_v6_firmwarexeon_e3-1585_v5_firmwarexeon_e3-1220_v6xeon_e3-1240_v6xeon_e3-1230_v5xeon_e3-1240_v5_firmwarexeon_e3-1501m_v6xeon_e3-1220_v6_firmwarexeon_e3-1545m_v5_firmwarexeon_e3-1275_v5_firmwarexeon_e3-1585l_v5xeon_e3-1535m_v5_firmwarexeon_e3-1505l_v5_firmwarexeon_e3-1245_v5xeon_e3-1501m_v6_firmwarexeon_e3-1275_v5xeon_e3-1280_v5_firmwarexeon_e3-1505l_v6xeon_e3-1225_v6xeon_e3-1280_v6xeon_e3-1558l_v5_firmwarexeon_e3-1280_v5xeon_e3-1285_v6xeon_e3-1505l_v6_firmwarexeon_e3-1235l_v5xeon_e3-1225_v5_firmwarexeon_e3-1245_v6_firmwarexeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6xeon_e3-1225_v6_firmwarexeon_e3-1270_v6xeon_e3-1275_v6_firmwarexeon_e3-1545m_v5xeon_e3-1515m_v5_firmwarexeon_e3-1505m_v6xeon_e3-1230_v5_firmwarexeon_e3-1270_v5_firmwarexeon_e3-1535m_v5xeon_e3-1578l_v5xeon_e3-1245_v6xeon_e3-1505m_v6_firmwarexeon_e3-1505l_v5xeon_e3-1240l_v5_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5xeon_e3-1280_v6_firmwarexeon_e3-1268l_v5_firmwarexeon_e3-1575m_v5_firmwarexeon_e3-1225_v5xeon_e3-1270_v5xeon_e3-1515m_v5xeon_e3-1558l_v5xeon_e3-1270_v6_firmwarexeon_e3-1245_v5_firmwareIntel(R) Processors
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-0189
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.18%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e3-1565l_v5xeon_e7-4820_v4xeon_e-2286gxeon_gold_5215xeon_e3-1240_v6_firmwarexeon_e3-1220_v5xeon_e-2174g_firmwarexeon_platinum_8260yxeon_e-2276ml_firmwarexeon_e3-1505m_v5_firmwarexeon_e3-1578l_v5_firmwarexeon_e-2246gxeon_e3-1230_v6xeon_platinum_8260y_firmwarexeon_e-2374gxeon_gold_5218txeon_e3-1501l_v6xeon_e-2254ml_firmwarexeon_e7-4809_v4_firmwarexeon_e7-8867_v4xeon_e-2378xeon_e-2236xeon_e3-1220_v5_firmwarexeon_platinum_8280_firmwarexeon_e-2374g_firmwarexeon_gold_5218nxeon_silver_4209t_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarexeon_gold_6250lxeon_gold_6209uxeon_e7-8891_v4xeon_e-2278g_firmwarexeon_e3-1240_v6xeon_e3-1230_v5xeon_e3-1240_v5_firmwarexeon_e-2278gexeon_platinum_8253xeon_e3-1545m_v5_firmwarexeon_silver_4214yxeon_gold_6252nxeon_e3-1275_v5_firmwarexeon_e-2278gel_firmwarexeon_e7-8894_v4xeon_platinum_8270_firmwarexeon_gold_6230txeon_silver_4210rxeon_e3-1505l_v6xeon_e-2254me_firmwarexeon_e-2236_firmwarexeon_e-2244g_firmwarexeon_platinum_8280xeon_gold_6238l_firmwarexeon_e-2126gxeon_e7-8893_v4_firmwarexeon_gold_5220t_firmwarexeon_gold_6252xeon_gold_5220rxeon_e3-1285_v6xeon_e3-1505l_v6_firmwarexeon_gold_6246xeon_gold_6226r_firmwarexeon_e-2276mlxeon_e3-1235l_v5xeon_e3-1225_v5_firmwarexeon_silver_4214rxeon_e3-1245_v6_firmwarexeon_silver_4210r_firmwarexeon_e3-1270_v6xeon_e3-1545m_v5xeon_gold_6256_firmwarexeon_platinum_9221xeon_e3-1515m_v5_firmwarexeon_e-2334_firmwarexeon_gold_6230rxeon_e-2276me_firmwarexeon_platinum_9222_firmwarexeon_e7-8891_v4_firmwarexeon_silver_4208xeon_e-2136_firmwarexeon_gold_6210u_firmwarexeon_e-2276mexeon_silver_4210t_firmwarexeon_e-2146gxeon_gold_5218t_firmwarexeon_e7-8870_v4xeon_e-2356g_firmwarexeon_e7-8880_v4_firmwarexeon_gold_5215lxeon_e-2146g_firmwarexeon_e-2286g_firmwarexeon_e3-1515m_v5xeon_platinum_8253_firmwarexeon_gold_6238xeon_e-2126g_firmwarexeon_gold_6240lxeon_e3-1260l_v5_firmwarexeon_gold_6248xeon_e3-1240l_v5xeon_e-2136xeon_e-2378_firmwarexeon_gold_6258rxeon_platinum_8256xeon_gold_6240l_firmwarexeon_e-2288g_firmwarexeon_platinum_9282xeon_e-2276mxeon_e-2224gxeon_silver_4215_firmwarexeon_gold_6254_firmwarexeon_gold_5220_firmwarexeon_e3-1505m_v5xeon_gold_6252_firmwarexeon_e3-1535m_v6_firmwarexeon_gold_6230n_firmwarexeon_bronze_3206rxeon_silver_4208_firmwarexeon_e7-4820_v4_firmwarexeon_gold_6240xeon_e-2144g_firmwarexeon_e3-1585l_v5xeon_gold_5220xeon_e-2378g_firmwarexeon_platinum_8256_firmwarexeon_e3-1275_v5xeon_e-2246g_firmwarexeon_gold_5218r_firmwarexeon_e3-1558l_v5_firmwarexeon_e-2388gxeon_platinum_8268xeon_e-2226gxeon_silver_4214y_firmwarexeon_gold_6240rxeon_gold_6238_firmwarexeon_e-2226ge_firmwarexeon_silver_4209txeon_e-2226gexeon_e3-1225_v6_firmwarexeon_e-2278gxeon_silver_4215rxeon_gold_6212uxeon_e7-8890_v4_firmwarexeon_e-2124xeon_e-2186g_firmwarexeon_silver_4215xeon_gold_6230nxeon_e3-1270_v5_firmwarexeon_platinum_8280l_firmwarexeon_e3-1240l_v5_firmwarexeon_e7-8860_v4_firmwarexeon_e3-1501l_v6_firmwarexeon_e3-1260l_v5xeon_e-2386gxeon_gold_6208uxeon_gold_6242_firmwarexeon_e-2134xeon_e-2388g_firmwarexeon_gold_6230r_firmwarexeon_gold_6242xeon_e-2336xeon_e3-1575m_v5_firmwarexeon_e3-1225_v5xeon_e-2186mxeon_gold_6246_firmwarexeon_e3-1558l_v5xeon_platinum_8260_firmwarexeon_e-2176mxeon_gold_6230t_firmwarexeon_e-2286mxeon_gold_6250_firmwarexeon_gold_5218_firmwarexeon_silver_4210txeon_gold_6244_firmwarexeon_e-2274gxeon_e7-8893_v4xeon_e7-4830_v4xeon_e-2134_firmwarexeon_platinum_8276_firmwarexeon_e3-1268l_v5xeon_e-2226g_firmwarexeon_platinum_8276xeon_gold_6240_firmwarexeon_gold_5220txeon_e-2324g_firmwarexeon_gold_6244xeon_gold_6242rxeon_e-2278ge_firmwarexeon_platinum_9242_firmwarexeon_e-2174gxeon_gold_6226rxeon_e3-1535m_v6xeon_e3-1585_v5_firmwarexeon_e3-1220_v6xeon_gold_6258r_firmwarexeon_bronze_3204xeon_e-2276m_firmwarexeon_e7-4850_v4xeon_e3-1220_v6_firmwarexeon_e7-4850_v4_firmwarexeon_gold_5218bxeon_gold_6230_firmwarexeon_e-2286m_firmwarexeon_gold_5218b_firmwarexeon_gold_6248_firmwarexeon_e3-1245_v5xeon_e3-1501m_v6_firmwarexeon_e-2176gxeon_e-2288gxeon_e-2274g_firmwarexeon_silver_4214r_firmwarexeon_e3-1225_v6xeon_gold_6254xeon_e3-1280_v6xeon_e7-8880_v4xeon_gold_5218rxeon_e-2176g_firmwarexeon_e-2254mlxeon_e-2124g_firmwarexeon_gold_6240yxeon_e-2224_firmwarexeon_gold_6238lxeon_gold_5218n_firmwarexeon_e7-8890_v4xeon_gold_6246r_firmwarexeon_gold_6246rxeon_e3-1275_v6_firmwarexeon_gold_6234_firmwarexeon_e-2224g_firmwarexeon_e3-1505m_v6xeon_e7-8860_v4xeon_e3-1535m_v5xeon_gold_5220r_firmwarexeon_e3-1505m_v6_firmwarexeon_gold_5222xeon_e7-8870_v4_firmwarexeon_e-2254mexeon_gold_6256xeon_e3-1505l_v5xeon_platinum_8260l_firmwarexeon_e7-4830_v4_firmwarexeon_gold_6248rxeon_silver_4214xeon_platinum_9222xeon_e3-1280_v6_firmwarexeon_gold_5220sxeon_platinum_8260xeon_platinum_8280lxeon_e-2144gxeon_e3-1270_v6_firmwarexeon_e-2244gxeon_e7-8867_v4_firmwarexeon_e3-1245_v5_firmwarexeon_gold_5222_firmwarexeon_silver_4216xeon_platinum_9242xeon_e3-1235l_v5_firmwarexeon_platinum_8276lxeon_e3-1575m_v5xeon_e-2124gxeon_gold_6238txeon_platinum_9221_firmwarexeon_gold_6240r_firmwarexeon_gold_6212u_firmwarexeon_e3-1285_v6_firmwarexeon_gold_6208u_firmwarexeon_gold_6209u_firmwarexeon_e-2356gxeon_platinum_9282_firmwarexeon_e3-1240_v5xeon_e3-1585l_v5_firmwarexeon_platinum_8276l_firmwarexeon_e-2336_firmwarexeon_gold_6250xeon_platinum_8260lxeon_e3-1585_v5xeon_platinum_8270xeon_gold_6248r_firmwarexeon_gold_6262v_firmwarexeon_gold_6226xeon_e-2334xeon_e3-1501m_v6xeon_silver_4214_firmwarexeon_platinum_8268_firmwarexeon_e3-1535m_v5_firmwarexeon_e3-1505l_v5_firmwarexeon_e-2314xeon_e3-1280_v5_firmwarexeon_e-2186gxeon_e-2314_firmwarexeon_gold_6226_firmwarexeon_silver_4210xeon_gold_6250l_firmwarexeon_gold_6234xeon_e3-1280_v5xeon_gold_6252n_firmwarexeon_gold_6262vxeon_gold_6240y_firmwarexeon_e7-4809_v4xeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_e3-1230_v6_firmwarexeon_e3-1565l_v5_firmwarexeon_e3-1275_v6xeon_silver_4210_firmwarexeon_e-2276g_firmwarexeon_e-2224xeon_gold_5218xeon_e-2124_firmwarexeon_gold_6238rxeon_bronze_3204_firmwarexeon_e3-1230_v5_firmwarexeon_e-2278gelxeon_e3-1578l_v5xeon_e3-1245_v6xeon_gold_6222v_firmwarexeon_e-2378gxeon_e-2234_firmwarexeon_bronze_3206r_firmwarexeon_gold_6238r_firmwarexeon_silver_4215r_firmwarexeon_gold_6242r_firmwarexeon_gold_5217xeon_e-2324gxeon_e3-1268l_v5_firmwarexeon_e7-8894_v4_firmwarexeon_e-2276gxeon_gold_6210uxeon_gold_6222vxeon_silver_4216_firmwarexeon_e3-1270_v5xeon_e-2186m_firmwarexeon_gold_5215l_firmwarexeon_gold_6238t_firmwarexeon_e-2234xeon_gold_5217_firmwarexeon_gold_6230Intel(R) Processors
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found