Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-29470

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Aug, 2023 | 02:37
Updated At-09 Oct, 2024 | 17:34
Rejected At-
Credits

Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Aug, 2023 | 02:37
Updated At:09 Oct, 2024 | 17:34
Rejected At:
▼CVE Numbering Authority (CNA)

Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel DTT Software
Default Status
unaffected
Versions
Affected
  • before version 8.7.10400.15482
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
N/AN/AImproper access control
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: N/A
CWE ID: N/A
Description: Improper access control
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Aug, 2023 | 03:15
Updated At:22 Sep, 2023 | 18:15

Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Intel Corporation
intel
>>dynamic_tuning_technology>>Versions before 8.7.10400.15482(exclusive)
cpe:2.3:a:intel:dynamic_tuning_technology:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.htmlsecure@intel.com
Vendor Advisory
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

532Records found
CVE-2023-28397
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.71%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowslinux_kernelaptio_v_uefi_firmware_integrator_toolsIntel(R) Aptio* V UEFI Firmware Integrator Toolsaptio_v_uefi_firmware_integrator_tools
CWE ID-CWE-284
Improper Access Control
CVE-2023-28389
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-14 Mar, 2024 | 16:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) CSME installer softwareconverged_security_and_manageability_engine
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-28405
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.32%
||
7 Day CHG+0.01%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-openvinoIntel(R) Distribution of OpenVINO(TM) Toolkit
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-14605
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.12%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:09
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-setup_and_configuration_software_platform_discovery_utilityIntel(R) SCS Platform Discovery Utility
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14601
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.16%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:35
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-raid_web_console_3Intel(R) RWC 3 for Windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14608
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.10%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:10
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14603
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.16%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:09
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel® Quartus® Prime Pro Edition
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-28377
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.78%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-usb_firmwarenuc_11_enthusiast_kit_nuc11phki7cnuc_11_enthusiast_mini_pc_nuc11phki7caaIntel(R) NUC Kit NUC11PH USB firmware installation softwareintel_nuc_kit_nuc11ph_usb_firmware_installation_software
CWE ID-CWE-287
Improper Authentication
CVE-2019-14565
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:47
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Action-Not Available
Vendor-Linux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowssoftware_guard_extensions_sdklinux_kernel2019.2 IPU – Intel(R) SGX
CWE ID-CWE-665
Improper Initialization
CVE-2017-5711
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 34.92%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-Intel CorporationASUS (ASUSTeK Computer Inc.)Siemens AG
Product-z170-arz170_pro_gamingprime_b250m-aex-b250m-v3z170m-plusb250_mining_expert_firmwaresimatic_field_pg_m5_firmwareprime_z370-aprime_b250-ab150m_pro_gaming_firmwarerog_maximus_viii_formulasimatic_ipc827dprime_b250m-d_firmwarerog_maximus_ix_extremeb150m-a_d3_firmwareprime_b250m-j_firmwareb250-mrh110i-plus_firmwarerog_maximus_viii_hero_alphasimotion_p320-4sz170_pro_gaming\/aurah110m-c_firmwarerog_maximus_x_codeh110m-k_xsimatic_ipc677cex-b250-v7_firmwarez170-kb150m-k_d3rog_strix_z370-e_gaming_firmwarerog_maximus_viii_geneh170-plus_d3b150m_pro_gamingh110m-d_firmwareh170-pro_firmwarerog_maximus_viii_rangerh110m-p\/dvi_firmwareh110m-c\/psz170-premiumsinumerik_pcu50.5-c_firmwareb150_pro_gaming_d3h110m-p\/dvirog_strix_z370-i_gaming_firmwareh110m-c\/ps_firmwareh170-prob150m-k_d3_firmwarerog_maximus_x_formula_firmwareq170m-cm-bz170-e_firmwarerog_maximus_x_formulah170i-proz170-ph110-plus_firmwareh110m-k_d3_firmwarez170m-plus\/br_firmwareb150-prob250m-c_pro_firmwarerog_strix_h270f_gamingprime_h270-proex-b150-v7rog_maximus_viii_hero_alpha_firmwareh110s2_firmwaresimatic_ipc677db250_mining_expertb150m-plus_d3rog_maximus_ix_formula_firmwareb150m-plus_firmwareb150i_pro_gaming\/wifi\/aurab150-a_firmwareprime_z270-a_firmwareb150m-c_d3b150m-v_plus_firmwareh110m-ksrog_strix_z370-h_gamingex-b150-v7_firmwareh110m-k_firmwarerog_strix_z270i_gaming_firmwareh170-plus_d3_firmwarerog_strix_z270g_gaming_firmwareprime_h270m-plus_firmwarerog_strix_b250g_gamingrog_strix_z270h_gamingex-b150m-v_firmwareprime_h110m2z170_pro_gaming_firmwareh110m-cprime_q270m-cb150-pro_d3b150_pro_gamingsimatic_ipc477ez170-deluxesimatic_ipc547db150i_pro_gaming\/auraz170-k_firmwareh170m-plus_firmwareactive_management_technology_firmwareh110m-c2_firmwareex-b250m-v3_firmwarerog_strix_b250h_gamingsimatic_ipc477d_pro_firmwarez170m-e_d3_firmwareh110tq270m-cm-ah110m-a\/m.2_firmwareprime_b250m-plus_firmwareb150m-plusprime_q270m-c_firmwareh110t-a_firmwareh110m-r_firmwareb250-sq170s1h170-pro\/usb_3.1z170-eprime_b250m-plusq170m2\/cdm\/siex-b150m-v3sinumerik_pcu50.5-p_firmwareh170m-plusprime_b250m-k_firmwareex-b250m-v5_firmwareb150m-c_d3_firmwareprime_z270m-plus_firmwareb150-ab150-plussimatic_ipc627c_firmwareh110m-a_d3_firmwarerog_strix_b250g_gaming_firmwaresimatic_field_pg_m3rog_strix_z370-g_gaming_firmwareh170m-e_d3_firmwareb150m-c\/brprime_z270-psimatic_ipc647dz170i_pro_gaming_firmwareh110m-tsz170m-plus_firmwareex-h110m-v3_firmwareh110m-e_firmwareh110t-ah110m-e\/m.2h110m-k_d3h110m-cs\/brrog_strix_z370-f_gaming_firmwarerog_strix_z370-e_gamingh110s1z170m-e_d3simatic_field_pg_m3_firmwarerog_maximus_viii_herob150m-c\/br_firmwarerog_maximus_viii_formula_firmwareh110m-c2rog_maximus_viii_impactb150m-aq170th110m-ez170-premium_firmwarez170-pro_firmwarerog_maximus_ix_herosabertooth_z170_mark_1_firmwarepio-b150m_firmwaretrooper_h110_d3_firmwareprime_z370-pz170_pro_gaming\/aura_firmwareh110m-a_d3rog_strix_z370-g_gamingtuf_z270_mark_1_firmwareprime_b250-plus_firmwareprime_z370-a_firmwarerog_strix_b250h_gaming_firmwareprime_b250m-a_firmwarerog_strix_b250f_gaming_firmwarerog_strix_h270i_gaming_firmwaresimatic_ipc427d_firmwareprime_h270m-plussimatic_field_pg_m4b150_pro_gaming\/aura_firmwarerog_maximus_ix_coderog_strix_h270f_gaming_firmwaretuf_z270_mark_1simatic_field_pg_m5h110m-cs\/br_firmwareb150_pro_gaming\/auraprime_b250-pro_firmwarez170-ar_firmwaresimatic_ipc827csimatic_ipc427dz170i_pro_gamingrog_maximus_x_code_firmwareq170t_firmwareh110m-cssimatic_ipc427e_firmwarez170-p_firmwarerog_strix_z270e_gaming_firmwaresimatic_ipc477d_proprime_z270-arrog_strix_z270h_gaming_firmwareprime_h270-pro_firmwareq170m2\/cdm\/si_firmwareb150m-k_firmwareprime_b250m-plus\/br_firmwareb150_pro_gaming_firmwareh170m-plus\/brb150m-a\/m.2_firmwareh110m-d\/exper\/sib250-mr_firmwarez170-p_d3prime_h110m2_firmwareh170m-e_d3h110m-fh110m-cs_x_firmwareh110m-e\/m.2_firmwarerog_strix_z270f_gamingex-h110m-v_firmwaresimatic_itp1000prime_h110m2\/fpt_firmwaresimatic_ipc627db150m-d_firmwarerog_maximus_x_herotuf_z370-plus_gamingb150m-f_plus_firmwareb250-s_firmwaresinumerik_pcu50.5-crog_strix_z270e_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z270-ar_firmwaresimatic_ipc627csinumerik_pcu50.5-pex-h110m-v3prime_z270m-plush170m-plus\/br_firmwaretuf_z270_mark_2_firmwareb250m-f_plustuf_z370-plus_gaming_firmwareprime_b250m-dq170m-c_firmwaretuf_z370-pro_gaming_firmwarerog_strix_b250i_gaming_firmwareprime_b250-a_firmwareh110m-ks_firmwareh110s2h110m-c2\/tf_firmwareh110m-c\/br_firmwareh110m-cs_firmwareq270m-cm-a_firmwarerog_maximus_viii_hero_firmwareh170_pro_gaming_firmwaresimatic_ipc847d_firmwareh110m-ks_r1_firmwareh110m-rprime_b250-plush110s1_firmwaresimatic_ipc847c_firmwarez170-arog_maximus_viii_extreme_firmwareprime_h110m2\/fptprime_j3355i-c_firmwarerog_strix_z270i_gamingq170m-cm-b_firmwaresabertooth_z170_s_firmwaresimatic_ipc847dtrooper_b150_d3q170t_v2_firmwarerog_strix_b250f_gamingb250m-c_proz170-a_firmwarerog_maximus_viii_gene_firmwareex-b150m-v3_firmwareq170s1_firmwareex-b250m-v5b150-plus_firmwareb150_pro_gaming_d3_firmwareb150m-v_plush170i-pro_firmwareb150-pro_d3_firmwareb150i_pro_gaming\/aura_firmwaretrooper_b150_d3_firmwareh110m-c\/hdmi_firmwareh110m-f_firmwarerog_maximus_viii_extremeh110m-ks_r1rog_maximus_ix_hero_firmwareb150m-drog_maximus_x_apexb150m-kh170-pro\/usb_3.1_firmwareh110m-a\/dp_firmwareprime_b250m-plus\/brsimotion_p320-4s_firmwareh110m-cs_xsimatic_ipc827c_firmwarerog_maximus_ix_apex_firmwareh110m-a\/dpb150m-cex-h110m-vsimatic_ipc477e_firmwaresabertooth_z170_sprime_j3355i-csimatic_ipc477dprime_h270-plussabertooth_z170_mark_1h110m-c\/hdmirog_maximus_ix_extreme_firmwaresimatic_ipc677d_firmwaresimatic_ipc547erog_maximus_x_apex_firmwareex-b150m-vh110-pluspio-b250i_firmwareprime_h270-plus_firmwareprime_b250m-ch110m-ktuf_z270_mark_2b150m-c_firmwareprime_h110m-psimatic_ipc477d_firmwareex-b150m-v5manageability_engine_firmwaresimatic_ipc647ctuf_z370-pro_gamingq170t_v2rog_strix_z270f_gaming_firmwaresimatic_ipc427eq170m2_firmwarerog_strix_h270i_gamingq270-s_firmwareb150m-a_d3h110m-ts_firmwarepio-b250ih110m-k_x_firmwaresimatic_ipc547d_firmwarerog_maximus_viii_impact_firmwareex-b250m-v_firmwareq170m2b250m-f_plus_firmwareh110m-plusrog_maximus_x_hero_firmwarerog_maximus_viii_ranger_firmwareprime_z270m-plus\/brprime_b250-proprime_z270m-plus\/br_firmwarerog_strix_z370-h_gaming_firmwaretrooper_h110_d3rog_maximus_ix_apexprime_z270-k_firmwareh110m-c\/brsimatic_ipc827d_firmwareprime_h110m-p_firmwarez170-p_d3_firmwareq270-srog_strix_b250i_gamingq170m-cz170-proh110m-ab150-pro_firmwareb150m-a_firmwarerog_strix_z370-i_gamingsimatic_ipc547e_firmwareprime_b250m-kb150m-plus_d3_firmwareh110m-a_firmwaresimatic_ipc847cex-b250-v7rog_maximus_ix_formulaz170-deluxe_firmwareprime_z370-p_firmwareh110i-plush110m-d\/exper\/si_firmwarerog_strix_z370-f_gamingrog_strix_z270g_gamingsimatic_ipc647d_firmwareprime_b250m-c_firmwaresimatic_ipc677c_firmwareh110m-drog_strix_z270h_gaming\/k1prime_b250m-jb150m-f_plusex-b250m-vprime_z270-ksimatic_ipc647c_firmwarez170m-plus\/brsimatic_itp1000_firmwaresimatic_field_pg_m4_firmwareprime_z270-p_firmwarerog_maximus_ix_code_firmwareex-b150m-v5_firmwareh170_pro_gamingh110m-plus_firmwareh110m-a\/m.2pio-b150mh110t_firmwareh110m-c2\/tfsimatic_ipc627d_firmwareb150i_pro_gaming\/wifi\/aura_firmwareb150m-a\/m.2prime_z270-aActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-28401
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.2||MEDIUM
EPSS-0.07% / 20.62%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-02 Aug, 2024 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsarc_a_graphicsiris_xe_graphicsIntel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14569
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.80%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:57
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_dn2820fykhnuc_board_de3815tybe_firmwarenuc_8_mainstream_game_kitnuc_kit_de3815tykhe_firmwarenuc_8_mainstream_game_mini_computer_firmwarenuc_8_mainstream_game_kit_firmwarenuc_kit_de3815tykhenuc_kit_dn2820fykh_firmwarenuc_board_de3815tybenuc_8_mainstream_game_mini_computerNUC Advisory
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14566
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:46
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Action-Not Available
Vendor-Linux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowssoftware_guard_extensions_sdklinux_kernel2019.2 IPU – Intel(R) SGX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27519
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-11 Jun, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4800x_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_905poptane_ssd_900poptane_ssd_dc_p4801xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4800xoptane_ssd_905p_firmwareoptane_ssd_900p_firmwareIntel(R) Optane(TM) SSD products
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14613
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:37
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in driver for Intel(R) VTune(TM) Amplifier for Windows* before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Amplifier for Windows*
CVE-2019-14599
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.20%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-control_center-iControl Center-I
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-14568
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.33%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:12
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel(R) RST
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-21807
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.44%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:52
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-27509
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ispc_software_installerIntel(R) ISPC software installers
CWE ID-CWE-284
Improper Access Control
CVE-2023-46689
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.25%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.
Product-power_gadgetmacosIntel(R) Power Gadget software for macOSpower_gadget_software
CWE ID-CWE-707
Improper Neutralization
CVE-2023-46691
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.10% / 28.00%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-416
Use After Free
CVE-2023-27505
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.12%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advanced_link_analyzerIntel(R) Advanced Link Analyzer Standard Edition software installers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14570
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.60%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:58
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_dn2820fykhnuc_board_de3815tybe_firmwarenuc_8_mainstream_game_kitnuc_kit_de3815tykhe_firmwarenuc_8_mainstream_game_mini_computer_firmwarenuc_8_mainstream_game_kit_firmwarenuc_kit_de3815tykhenuc_kit_dn2820fykh_firmwarenuc_board_de3815tybenuc_8_mainstream_game_mini_computerNUC Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-45736
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.48%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-277
Insecure Inherited Permissions
CVE-2023-45217
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.16% / 35.88%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-1220
Insufficient Granularity of Access Control
CWE ID-CWE-284
Improper Access Control
CVE-2023-25945
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.28%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-07 Nov, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-one_boot_flash_updateIntel(R) OFU software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2019-14602
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.12%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:40
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsnuvoton_consumer_infraredNuvoton* CIR Driver for Windows* 8 for Intel(R) NUC
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-25944
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.32%
||
7 Day CHG+0.01%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vcust_toolIntel(R) VCUST Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-14610
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.10%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:11
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CVE-2023-45743
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.09%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Jan, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) DSA software uninstallers before version 23.4.39.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA software uninstallersdsa_software_uninstallers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-45320
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 30.82%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler softwarevtune_profiler
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-45221
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 9.91%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_sdkIntel(R) Media SDK
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43751
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 31.43%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) Graphics Command Center Service bundled in some Intel(R) Graphics Windows DCH driver software before versions 31.0.101.3790/31.0.101.2114 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Graphics Windows DCH driver softwaregraphics_windows_dch_driver_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-43629
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.25%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software installersgraphics_performance_analyzer
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-43748
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) GPA Framework software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework software installersgraphics_performance_analyzer
CWE ID-CWE-284
Improper Access Control
CVE-2023-43747
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) Connectivity Performance Suite software installers before version 2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Connectivity Performance Suite software installersconnectivity_performance_suite
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-42668
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.41%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some onboard video driver software before version 1.14 for Intel(R) Server Boards based on Intel(R) 62X Chipset may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-onboard video driver software for Intel(R) Server Boards based on Intel(R) 62X Chipset62x_chipset
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-41961
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.30%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-42433
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.41%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Endurance Gaming Mode software installers before version 1.3.937.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Endurance Gaming Mode software installersendurance_gaming_mode_software_installers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-42766
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.05%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_compute_element_cm8v5cb_firmwarenuc_8_compute_element_cm8v7cb_firmwarenuc_8_compute_element_cm8v7cbnuc_8_compute_element_cm8v5cbIntel NUC 8 Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-42773
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.69%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-707
Improper Neutralization
CVE-2023-42429
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.78%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7cjyhn_firmwarenuc_7_essential_pc_nuc7cjysal_firmwarenuc_kit_nuc7cjyhnuc_kit_nuc7pjyhn_firmwarenuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7cjyhnnuc_kit_nuc7pjyh_firmwarenuc_7_essential_nuc7cjysalnuc_kit_nuc7pjyhnnuc_7_essential_nuc7cjysamnnuc_kit_nuc7pjyhnuc_7_essential_nuc7cjysamn_firmwareIntel NUC BIOS firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CVE-2023-25182
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.05% / 16.27%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Oct, 2024 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel(R) Unite(R) Client software for Mac
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-21220
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2022-21181
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.72%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dual_band_wireless-ac_8265wireless-ac_9461wireless-ac_9462wireless-ac_9560_firmwarewireless-ac_9260_firmwarewireless-ac_9260dual_band_wireless-ac_8260wireless-ac_9462_firmwaredual_band_wireless-ac_8265_firmwarekiller_ac_1550_firmwaredual_band_wireless-ac_8260_firmwarewireless-ac_9461_firmwarewireless-ac_9560killer_ac_1550Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-41091
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 34.30%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) MPI Library Software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41231
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.95%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-24 Oct, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some ACAT software maintained by Intel(R) before version 2.0.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-assistive_context-aware_toolkitACAT software maintained by Intel(R)assistive_context-aware_toolkit
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-21128
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisorIntel(R) Advisor software
CVE-2022-21162
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 31.72%
||
7 Day CHG+0.02%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_hdmi_firmware_update_toolIntel(R) HDMI Firmware Update tool for NUC
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-40156
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) SSU software before version 3.0.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_support_utilityIntel(R) SSU softwaresystem_support_utility
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found