Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-33946

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-16 Feb, 2023 | 20:00
Updated At-27 Jan, 2025 | 18:17
Rejected At-
Credits

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:16 Feb, 2023 | 20:00
Updated At:27 Jan, 2025 | 18:17
Rejected At:
▼CVE Numbering Authority (CNA)

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) SUR software
Default Status
unaffected
Versions
Affected
  • before version 2.4.8902
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Metrics
VersionBase scoreBase severityVector
3.15.6MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Version: 3.1
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:16 Feb, 2023 | 21:15
Updated At:27 Feb, 2023 | 19:03

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.6MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
CPE Matches
Intel Corporation
intel
>>system_usage_report>>Versions before 2.4.8902(exclusive)
cpe:2.3:a:intel:system_usage_report:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.htmlsecure@intel.com
Patch
Vendor Advisory
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

531Records found
CVE-2020-8687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rste_software_raidIntel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB Advisory
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8672
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-02 Feb, 2021 | 21:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i7_9700kfcore_i7_9700core_i5_9600core_i5_9400tcore_i5_9400fcore_i3_8350kcore_i5_8400tcore_i3_9100fcore_i3_8300core_i3_9300tcore_i5_9600tcore_i9_9900kcore_i3_9100tcore_i7_9700fcore_i5_9600kcore_i3_9300core_i5_8600tcore_i7_8086kcore_i5_8500core_i7_8700kcore_i5_8500tcore_i9_9900kfcore_i9_9900tcore_i5_8600core_i5_9500fcore_i3_9320core_i7_8700tcore_i5_8400core_i5_9400celeron_4305uecore_i3_8100tcore_i9_9900celeron_4305ucore_i3_8300tcore_i9_9900kscore_i7_9700kcore_i3_9350kfcore_i5_9500celeron_4205ucore_i5_8600kcore_i5_9500tcore_i5_9600kfbioscore_i3_9100core_i7_8700core_i3_8100core_i7_9700tcore_i3_9350kcore_i3_8100fIntel BIOS Advisory
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-8743
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mailbox_interface_driverIntel(R) Mailbox Interface driver Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8678
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:49
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CVE-2020-8763
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-realsense_d435_firmwarerealsense_d415_firmwarerealsense_d435i_firmwarewindows_10Intel(R) RealSense(TM) D400 Series Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8736
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:22
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-computing_improvement_programIntel(R) Computing Improvement Program Advisory
CVE-2020-8681
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:18
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8741
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:44
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Thunderbolt(TM) non-DCH driver, all versions, for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-thunderbolt_non-dch_driverIntel(R) Thunderbolt(TM)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8760
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.30%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:08
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-8739
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 46.10%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:04
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-xeon_platinum_8153xeon_w-2223core_i7-9800xxeon_w-3245mxeon_gold_5217xeon_gold_6230txeon_gold_6146xeon_gold_6126tcore_i7-6950xxeon_gold_6230ncore_i7-4960xxeon_w-3225xeon_w-3265xeon_gold_5218nxeon_bronze_3106xeon_gold_6138txeon_w-3245xeon_d-1527xeon_gold_5115xeon_gold_5120xeon_platinum_8170xeon_gold_6136xeon_w-2125core_i9-10940xxeon_d-1523nxeon_d-1540xeon_gold_6138xeon_gold_5220xeon_d-1653nxeon_platinum_8160thci_compute_node_bioscore_i7-7740xxeon_w-2295xeon_silver_4214rcore_i7-5820kxeon_d-1528xeon_platinum_8164xeon_d-1577xeon_silver_4114txeon_d-1637core_i7-3960xaff_biosxeon_gold_6154xeon_gold_6234xeon_d-2141ixeon_w-2175xeon_d-1541core_i7-3940xmxeon_gold_6238rxeon_w-1250xeon_w-1250texeon_w-2255xeon_d-1518fas_bioshci_storage_node_biosxeon_gold_6208ucore_i7-4940mxxeon_gold_5215xeon_w-1290exeon_d-2143itcore_i7-4930kxeon_d-2163itxeon_platinum_8168core_i9-7920xxeon_gold_5222xeon_w-3275xeon_gold_5218xeon_w-1270xeon_d-1553nxeon_silver_4209txeon_silver_4109txeon_d-1567xeon_silver_4116xeon_w-1270exeon_d-1633nxeon_gold_5215lxeon_silver_4215rxeon_d-1548xeon_gold_6138fcore_i7-4820kxeon_d-1529xeon_gold_5122xeon_w-2245xeon_d-1649nxeon_platinum_8160core_i9-7960xxeon_silver_4210tcore_i7-7820xxeon_gold_6212uxeon_w-1270tecore_i9-7980xexeon_silver_4114core_i7-6900kcore_i9-9940xxeon_gold_6148fxeon_bronze_3104xeon_d-1520xeon_w-1290txeon_gold_6132xeon_d-1571xeon_gold_6238lbiosxeon_gold_6152core_i9-9820xxeon_platinum_8158xeon_w-2155xeon_platinum_8156xeon_d-2173itcore_i9-9900xxeon_d-2123itxeon_w-1290pxeon_w-3265mxeon_w-2135xeon_gold_6222vxeon_d-1627core_i7-3930kxeon_platinum_8176xeon_w-2265xeon_d-1623nxeon_w-2145xeon_d-1531xeon_d-1602xeon_w-10855mxeon_gold_6142xeon_gold_6126fxeon_d-1539xeon_d-1533nxeon_gold_6128core_i9-9980xexeon_gold_5218txeon_silver_4215xeon_gold_6150xeon_gold_5118xeon_w-2235xeon_gold_6130fxeon_d-2142itxeon_gold_5220rxeon_gold_6140core_i7-6800kxeon_d-2146ntxeon_platinum_8160fcore_i9-10900xxeon_silver_4214xeon_w-1270pxeon_silver_4210rxeon_d-2161ixeon_silver_4214ycore_i9-10920xcore_i9-10980xexeon_gold_6210uxeon_d-2187ntxeon_gold_5218bcore_i7-6850kxeon_gold_6126core_i7-3970xcore_i9-7940xxeon_gold_6138pcore_i9-9960xxeon_w-1250exeon_w-1290xeon_d-2166ntcore_i7-3920xmxeon_platinum_8176fxeon_silver_4216solidfire_biosxeon_gold_6230xeon_w-2195xeon_w-10885mxeon_d-2183itxeon_silver_4116txeon_d-1513nxeon_d-1537xeon_w-2275xeon_d-1622xeon_w-1290tecore_i5-7640xcore_i9-7900xxeon_d-1543nxeon_gold_6209uxeon_silver_4112xeon_gold_6226xeon_gold_6142fxeon_w-3223xeon_d-1521xeon_d-1559core_i7-5960xxeon_d-2145ntxeon_gold_5120txeon_gold_6230rxeon_w-3175xxeon_gold_6238xeon_gold_6130xeon_gold_6134xeon_w-1250pcore_i7-7800xcore_i9-9920xcore_i7-4930mxxeon_w-3235xeon_silver_4208core_i7-5930kxeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_w-2225xeon_w-2123xeon_gold_5220sxeon_w-2133xeon_w-3275mxeon_d-1557xeon_gold_6148core_i7-3820xeon_gold_6144xeon_silver_4110xeon_bronze_3204xeon_platinum_8180xeon_d-2177ntxeon_gold_5119txeon_silver_4108xeon_gold_6130txeon_gold_5220txeon_silver_4210Intel BIOS platform sample code for some Intel(R) Processors
CVE-2020-8729
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8750
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engineIntel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2023-24592
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.15% / 35.88%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-02 Aug, 2024 | 11:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitmpi_libraryoneapi_hpc_toolkitinspectoradvisorIntel(R) oneAPI Toolkits and Component software
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-36398
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24525
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:16
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-24481
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.38%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:45
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartusIntel(R) Quartus Prime Pro and Standard edition software
CVE-2020-24462
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:49
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24456
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:56
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-board_id_toolIntel(R) Board ID Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-24453
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:46
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-epid_software_development_kitIntel(R) EPID SDK
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24450
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:47
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2020-24473
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:01
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_r2312wfqzsserver_system_r1304wftysserver_board_s2600bpsserver_board_s2600bpqrserver_system_r2208wf0zsserver_board_s2600wftcompute_module_hns2600bpb24rserver_system_r2312wftzsrserver_system_r1208wftysserver_board_s2600bpbserver_board_s2600stqrserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r2308wftzsrserver_board_s2600bpqcompute_module_hns2600bps24rserver_system_r1304wftysrserver_board_s2600stbserver_board_s2600wfqserver_system_r2208wfqzsrserver_board_s2600bpsrcompute_module_hns2600bpsrserver_system_r2312wf0npserver_system_r2312wf0nprserver_system_r2224wfqzsserver_board_s2600stbrserver_system_r1208wfqysrserver_system_r2312wftzsserver_board_s2600wfqrserver_board_s2600stqserver_system_r2224wftzscompute_module_hns2600bpqrserver_system_r2208wf0zsrcompute_module_hns2600bpbrserver_system_r2308wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_r2208wftzsrserver_system_r1208wftysrserver_system_r2208wftzsserver_board_s2600bpbrcompute_module_hns2600bpq24rserver_system_r2224wftzsrbaseboard_management_controller_firmwareserver_board_s2600wftrserver_board_s2600wf0Intel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-2291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.54% / 84.88%
||
7 Day CHG+0.28%
Published-09 Aug, 2017 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-ethernet_diagnostics_driver_iqvw32.sysethernet_diagnostics_driver_iqvw64.syswindowsn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12287
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:11
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_of_openvino_toolkitIntel(R) Distribution of OpenVINO(TM) Toolkit Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-46691
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.06% / 18.55%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-416
Use After Free
CVE-2023-45736
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.74%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-277
Insecure Inherited Permissions
CVE-2020-12303
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.48%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_manageability_enginetrusted_execution_technologyIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2017-5711
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-21 Nov, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)Siemens AGIntel Corporation
Product-rog_strix_z270g_gaming_firmwareh110-plus_firmwareh170m-plus\/brsimatic_ipc627dprime_h110m-ptuf_z270_mark_2rog_strix_z270h_gaming\/k1prime_j3355i-cb150i_pro_gaming\/aurasimatic_ipc827ch110m-a\/dp_firmwaresimatic_ipc477d_firmwareq170t_firmwareb250m-f_plush110m-ksh110m-a_d3ex-b150m-v5rog_strix_b250i_gaming_firmwareh170_pro_gamingsimotion_p320-4strooper_b150_d3_firmwareh110s2b150m-dtuf_z370-plus_gaming_firmwareh110m-ts_firmwaresimatic_ipc647d_firmwareb150-asimatic_ipc477db150m-plus_d3_firmwarerog_maximus_viii_hero_firmwarerog_strix_z270f_gamingrog_maximus_viii_ranger_firmwareb150m-v_plus_firmwareprime_q270m-ch110-plush110s2_firmwareh110m-e_firmwareprime_h110m2\/fpt_firmwaresabertooth_z170_mark_1h110m-c\/hdmi_firmwaresinumerik_pcu50.5-p_firmwaretuf_z370-pro_gaming_firmwarerog_maximus_viii_hero_alpha_firmwarerog_maximus_ix_hero_firmwarez170-krog_strix_b250g_gaming_firmwarerog_strix_z370-f_gamingb150m-ah110m-aex-b250m-v5z170-prosimatic_ipc477eb150m-k_d3prime_h110m2_firmwarerog_maximus_viii_formulaprime_b250m-dsimatic_field_pg_m3_firmwarerog_maximus_ix_extremesimatic_ipc677cb150m-k_firmwareq170s1_firmwareex-b150m-v3_firmwareprime_b250m-jb150m-a_d3_firmwarez170m-e_d3z170-k_firmwarepio-b150m_firmwarerog_strix_h270i_gaming_firmwareh170m-plush110m-ks_r1_firmwareex-b250-v7b150m-plusz170-ar_firmwareh110m-plusb150m-v_plush110m-kex-b150-v7_firmwareh110m-a_d3_firmwarerog_strix_b250h_gaming_firmwareh110m-c\/br_firmwarez170m-plus\/brprime_h270-plus_firmwareprime_h110m2\/fptprime_z270m-plus\/br_firmwareh110t-a_firmwareh110i-plus_firmwaresimatic_ipc627d_firmwaresimatic_field_pg_m3prime_z270-kh170i-pro_firmwaresimatic_field_pg_m4simatic_ipc627ch170i-prob150m-plus_d3z170-premium_firmwaresabertooth_z170_mark_1_firmwareb150m-f_plush170m-e_d3z170-eb150-pro_firmwarepio-b150mrog_maximus_ix_codeprime_b250-plus_firmwareh110m-c_firmwarerog_maximus_x_hero_firmwaresimatic_itp1000simatic_ipc427d_firmwareh110m-e\/m.2_firmwareprime_h110m2rog_maximus_x_formularog_maximus_x_formula_firmwareh110m-d\/exper\/sib150_pro_gaming\/aura_firmwaremanageability_engine_firmwarerog_maximus_ix_herorog_strix_z270i_gamingh170-plus_d3_firmwareex-b150m-v_firmwareq170m-cm-brog_strix_z370-g_gamingprime_z270-arb150-pro_d3rog_strix_z270h_gamingh110m-cs\/br_firmwarerog_strix_z370-i_gamingrog_strix_z370-h_gaming_firmwareh110m-d_firmwaresabertooth_z170_sb150_pro_gamingh110m-a\/m.2q270m-cm-asimatic_ipc847c_firmwareh110m-rh170-pro\/usb_3.1_firmwareq170m2_firmwareb150m-kprime_z270m-plus_firmwareh110m-a_firmwareex-h110m-v3_firmwareh110m-k_x_firmwarez170m-e_d3_firmwareh170_pro_gaming_firmwareb150m-k_d3_firmwarerog_strix_z270f_gaming_firmwarerog_strix_b250f_gamingh110m-cs\/brq170s1ex-b250-v7_firmwaresabertooth_z170_s_firmwarerog_strix_b250h_gamingh110m-d\/exper\/si_firmwareex-b150m-v5_firmwareprime_b250m-d_firmwareh110m-p\/dvib150i_pro_gaming\/aura_firmwaresimatic_ipc647db150m-f_plus_firmwareh110m-ks_r1h110m-c\/ps_firmwareb150-proprime_h270-proex-h110m-v_firmwareex-b250m-v3rog_strix_z270g_gamingrog_maximus_ix_formula_firmwarerog_maximus_viii_gene_firmwareprime_z270-p_firmwareex-h110m-v3h110m-c2\/tf_firmwarez170-p_firmwareq270-sactive_management_technology_firmwaresimatic_ipc427e_firmwarez170m-plustrooper_h110_d3z170-deluxe_firmwaresimatic_ipc547d_firmwaresimatic_ipc847cprime_q270m-c_firmwaresimatic_ipc547dh170m-plus_firmwareb250_mining_expert_firmwarerog_strix_h270i_gamingrog_strix_z270h_gaming\/k1_firmwareprime_z370-pz170-e_firmwarerog_maximus_viii_extreme_firmwareb250_mining_expertb150m-a_d3simatic_ipc677dh110m-c2prime_b250m-a_firmwaresimatic_ipc627c_firmwareprime_b250m-plus\/br_firmwarez170-ah110m-k_firmwaretuf_z270_mark_1_firmwareb150_pro_gaming_d3q170m-c_firmwarez170_pro_gaming\/auraex-b250m-vh110m-a\/m.2_firmwareb150m-d_firmwarerog_strix_b250f_gaming_firmwareprime_z370-a_firmwaresinumerik_pcu50.5-crog_maximus_x_code_firmwarerog_maximus_viii_impactsimatic_ipc827d_firmwareprime_b250m-plus_firmwarez170-deluxeb150m-cprime_b250m-plush110m-cs_xb150-pro_d3_firmwareprime_b250-proz170-a_firmwareb150_pro_gaming_d3_firmwareb150-plusprime_z270-a_firmwareprime_z270-k_firmwareh110m-c\/hdmisimatic_itp1000_firmwareprime_b250-a_firmwareprime_b250-arog_maximus_viii_geneh110t-aex-b250m-v5_firmwaresimatic_ipc647c_firmwareb150-a_firmwaresimatic_ipc427drog_maximus_viii_impact_firmwareq170th110m-r_firmwareh110m-crog_maximus_ix_apex_firmwareprime_z270-ar_firmwarez170_pro_gaming\/aura_firmwareh110m-fprime_b250m-k_firmwareprime_b250m-j_firmwarerog_strix_z370-e_gamingprime_b250m-c_firmwarerog_strix_z270i_gaming_firmwareprime_b250m-ah110m-p\/dvi_firmwareb150m-a_firmwareh170-plus_d3h110m-c\/brrog_strix_b250g_gamingb250-srog_maximus_ix_extreme_firmwareprime_z270m-plusb150_pro_gaming_firmwareex-b150-v7prime_j3355i-c_firmwareb150m-c_d3_firmwaresimatic_ipc427eprime_b250-pro_firmwareh110tq170m2\/cdm\/sib150m-a\/m.2z170_pro_gaming_firmwarerog_strix_z270e_gaming_firmwareb150m-c_firmwarerog_strix_z370-e_gaming_firmwareb150_pro_gaming\/auraq170m2prime_b250m-kprime_z370-aex-h110m-vh110m-dq170t_v2b150m-plus_firmwaresimatic_ipc647csinumerik_pcu50.5-c_firmwareb150m-a\/m.2_firmwareprime_h110m-p_firmwarez170-pro_firmwaresimatic_ipc847dh110m-k_d3z170-premiumex-b250m-v_firmwarerog_strix_z370-g_gaming_firmwareh110i-plussimatic_ipc477d_pro_firmwareb250m-f_plus_firmwarerog_maximus_viii_rangerh110m-plus_firmwareh110m-f_firmwareex-b150m-vtrooper_h110_d3_firmwarerog_maximus_x_apex_firmwarez170i_pro_gamingsimatic_field_pg_m5_firmwaretrooper_b150_d3simatic_ipc677d_firmwarerog_maximus_ix_apexh110m-a\/dpb150m-c\/brrog_strix_z370-i_gaming_firmwareh170-pro_firmwareb150i_pro_gaming\/wifi\/aura_firmwareh110m-erog_maximus_x_heroh110m-cs_firmwareh110m-cssimatic_field_pg_m4_firmwareh110m-cs_x_firmwareb150m-c_d3rog_maximus_viii_extremeh110s1_firmwaretuf_z270_mark_1z170m-plus\/br_firmwareex-b150m-v3prime_z270-pb150-plus_firmwareprime_z370-p_firmwareq170m2\/cdm\/si_firmwarerog_maximus_ix_formulatuf_z370-pro_gamingh170m-e_d3_firmwareb250m-c_prorog_strix_b250i_gamingrog_strix_z370-h_gamingprime_z270m-plus\/brh110m-ks_firmwareb250-mr_firmwareq170m-cm-b_firmwaresimatic_ipc477e_firmwarerog_strix_h270f_gamingrog_strix_z370-f_gaming_firmwareh110s1prime_h270m-plusz170-p_d3prime_b250m-cz170i_pro_gaming_firmwarerog_maximus_viii_heroh110m-tssimatic_ipc477d_propio-b250i_firmwareq170t_v2_firmwareprime_h270m-plus_firmwareb150m-c\/br_firmwareq170m-crog_maximus_x_codetuf_z370-plus_gamingb250-mrh170-prosimatic_ipc547erog_maximus_viii_formula_firmwareb250m-c_pro_firmwarerog_strix_h270f_gaming_firmwareh170-pro\/usb_3.1z170-p_d3_firmwarerog_maximus_x_apexpio-b250ib150m_pro_gaming_firmwarez170m-plus_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dh110m-c\/psh110m-k_d3_firmwarerog_maximus_viii_hero_alphasimatic_field_pg_m5b150i_pro_gaming\/wifi\/aurarog_strix_z270h_gaming_firmwarerog_maximus_ix_code_firmwareprime_h270-pro_firmwareb150m_pro_gamingh110m-c2\/tfq270m-cm-a_firmwareh110m-c2_firmwarerog_strix_z270e_gamingtuf_z270_mark_2_firmwaresimatic_ipc677c_firmwareprime_b250m-plus\/brq270-s_firmwareh110t_firmwareex-b250m-v3_firmwarez170-ph110m-e\/m.2z170-arh110m-k_xsinumerik_pcu50.5-pb250-s_firmwareprime_z270-asimotion_p320-4s_firmwareprime_b250-plusprime_h270-plussimatic_ipc847d_firmwareh170m-plus\/br_firmwarez170_pro_gamingsimatic_ipc827c_firmwareActive Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-33090
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.44%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:57
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissionsin the software installer for the Intel(R) NUC HDMI Firmware Update Tool for NUC10i3FN, NUC10i5FN, NUC10i7FN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc10i5fnnuc10i3fnnuc_hdmi_firmware_update_toolnuc10i7fnIntel(R) NUC HDMI Firmware Update Tool for NUC10i3FN, NUC10i5FN, NUC10i7FN
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-46689
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.02%
||
7 Day CHG+0.06%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.
Product-power_gadgetmacosIntel(R) Power Gadget software for macOSpower_gadget_software
CWE ID-CWE-707
Improper Neutralization
CVE-2021-33088
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.44%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:36
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the installer for the Intel(R) NUC M15 Laptop Kit Integrated Sensor Hub driver pack before version 5.4.1.4449 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_m15_laptop_kit_integrated_sensor_hub_driver_packnuc_m15_laptop_kit_lapbc710nuc_m15_laptop_kit_lapbc510Intel(R) NUC M15 Laptop Kit Integrated Sensor Hub driver pack
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-45320
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.46%
||
7 Day CHG+0.04%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-vtune_profilerIntel(R) VTune(TM) Profiler softwarevtune_profiler
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-12377
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:55
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hns2600bpb24rr1304wftysrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprhns2600bpbr1304wftyshns2600bpqr2224wfqzsr1000wfhns2600bpblc24rs2600bpqrhns2600bpbrs2600stqhns2600bpblcr2308wftzshns2600bpsrr1208wftysrr2208wf0zsr2208wftzsr2312wf0npr1208wfqysrr2224wftzsrr2208wfqzsrs2600stbr2224wftzsr2312wftzsrr2308wftzsrs2600wf0bmc_firmwarehns2600bps24rhns2600bpqrs2600wfqr2208wfqzshns2600bpshns2600bpq24rhns2600bpb24hns2600bps24r1304wf0ysrhns2600bpq24s2600wfts2600bpbrhns2600bpblc24s2600bpsrr2312wfqzsr2312wftzsIntel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12324
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:24
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-thunderbolt_dch_driverIntel(R) Thunderbolt(TM) DCH drivers for Windows*
CVE-2020-12360
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 39.18%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:53
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel CorporationSiemens AG
Product-xeon_platinum_8153xeon_e3-1230_v5xeon_e3-1558l_v5xeon_w-3245mxeon_e5-4610_v4xeon_e7-8894_v4xeon_gold_6146xeon_e5-2660_v3core_i7-1068ng7e-series_bioscore_i7-1160g7xeon_e5-1680_v3xeon_d-1527xeon_e5-2697_v4xeon_gold_5115xeon_platinum_8170xeon_gold_6136xeon_w-2125core_i9-10940xxeon_e5-4610_v3xeon_e5-4650_v4xeon_e7-8880_v4xeon_gold_6138xeon_e5-1660_v4simatic_ipc547g_firmwarexeon_e7-8891_v4xeon_platinum_8164xeon_e-2226gxeon_e3-1280_v5xeon_gold_6234xeon_e5-2699r_v4xeon_w-2255xeon_d-1518core_i7-11700core_i7-6822eqcore_i7-6700texeon_e3-1501l_v6xeon_gold_6262vcore_i7-11370hxeon_e5-2683_v4xeon_platinum_8168core_i7-7600uxeon_e5-2608l_v4xeon_e5-2640_v3xeon_e-2224xeon_gold_5218xeon_e5-1620_v4core_i7-11850hxeon_d-1567simatic_cpu_1518f-4_firmwarexeon_e5-2630l_v3xeon_e3-1505l_v6xeon_e-2278gexeon_e5-1607_v3xeon_e5-4640_v4xeon_gold_5117xeon_gold_5122xeon_w-2245xeon_d-1587xeon_e5-2699_v3xeon_d-2191xeon_gold_6248rcore_i7-7820hkxeon_e5-2689_v4xeon_e7-8870_v4xeon_w-1290tcore_i5-l16g7xeon_gold_6240core_i7-6970hqxeon_gold_6262xeon_platinum_8156xeon_e-2136core_i7-10510ucore_i7-1060g7xeon_w-2265xeon_e5-2667_v4xeon_platinum_8274xeon_w-10855mxeon_gold_6126fxeon_d-1539xeon_e3-1535m_v5xeon_e5-1680_v4core_i7-7700xeon_gold_5220rxeon_d-2146ntxeon_e3-1268l_v5xeon_platinum_8160fxeon_e5-2658_v3xeon_e5-4660_v4core_i7-8750hxeon_e3-1501m_v6xeon_gold_6250lxeon_gold_6210uxeon_d-2187ntxeon_platinum_8160mcore_i7-10700fxeon_d-2166ntxeon_e3-1270_v6xeon_e-2286mxeon_e3-1505m_v5core_i7-10750hxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_e5-2630l_v4xeon_w-2195xeon_e5-4667_v4xeon_e5-2628l_v4xeon_e-2276gxeon_e5-2685_v3xeon_w-1390xeon_e-2186gxeon_d-2183itxeon_silver_4116txeon_e-2174gxeon_e5-2630_v4xeon_d-1622core_i7-8809gxeon_e5-4667_v3xeon_platinum_8160hcore_i7-8700bxeon_e5-2643_v3xeon_d-2145ntxeon_d-1581xeon_e5-1650_v4xeon_gold_6238xeon_e5-2630_v3xeon_w-1250pxeon_silver_4208xeon_e3-1585_v5xeon_w-2104xeon_e5-2623_v4core_i7-6560uxeon_w-2123xeon_gold_5220sxeon_w-3275mxeon_platinum_9282xeon_e5-2683_v3core_i7-10700exeon_silver_4108xeon_gold_6130txeon_silver_4210core_i7-11700kfcloud_backupcore_i7-10870hxeon_e7-8867_v4xeon_bronze_3106xeon_w-2102xeon_e-2274gcore_i7-10700kxeon_e-2278gelxeon_d-1540xeon_e3-1280_v6hci_compute_node_biosxeon_e5-2698_v4xeon_platinum_8160tcore_i7-11700kxeon_d-1528xeon_silver_4214rcore_i7-6500uxeon_e5-2697_v3xeon_e5-4627_v4xeon_e-2124core_i7-10710uxeon_d-2141icore_i7-10700kfxeon_d-1541xeon_e5-2660_v4xeon_e7-4830_v4xeon_w-1250texeon_platinum_8268xeon_platinum_8176mxeon_e-2276mecore_i7-8565uxeon_gold_5222xeon_e5-2687w_v4xeon_e5-1603_v3core_i7-7560uxeon_gold_5117fxeon_e3-1535m_v6xeon_d-1548xeon_d-1649nxeon_d-1529xeon_platinum_9221xeon_e3-1220_v5xeon_platinum_8160xeon_e5-2428l_v3core_i7-6700hqxeon_e7-4809_v4xeon_e5-4648_v3xeon_gold_6122xeon_silver_4123xeon_gold_6148fxeon_gold_6132biosxeon_e5-2618l_v4xeon_w-2155xeon_gold_6137core_i7-7500ucore_i7-8550uxeon_e-2224gxeon_w-2135xeon_d-1623nxeon_w-2145xeon_e-2226gecore_i7-6650uxeon_gold_6142core_i7-10610ucore_i7-8500ycore_i7-7567uxeon_silver_4214xeon_w-1390pxeon_d-2161ixeon_silver_4210rxeon_d-1632core_i7-7820hqxeon_e3-1585l_v5xeon_e5-2620_v3xeon_e5-2670_v3xeon_gold_5218bxeon_e5-2648l_v3xeon_gold_6142mxeon_e5-2609_v3xeon_e3-1275_v5xeon_e5-2438l_v3xeon_e3-1240_v5xeon_e5-2650_v3xeon_gold_6222core_i7-6567uxeon_e5-2648l_v4xeon_e5-4620_v4xeon_e7-8855_v4xeon_d-1513nxeon_d-1537xeon_e3-1515m_v5xeon_w-1290texeon_e3-1225_v5xeon_gold_6209uxeon_silver_4112xeon_d-1559xeon_w-3223xeon_gold_5120txeon_w-3175xxeon_gold_6134xeon_gold_6162xeon_e5-2628l_v3xeon_e-2254mexeon_w-3235core_i7-7y75xeon_e5-4669_v3xeon_w-2225xeon_gold_6130hxeon_w-2133core_i7-6700xeon_d-1557xeon_e5-4627_v3xeon_e7-4850_v4xeon_gold_6148xeon_e3-1505m_v6xeon_gold_6144xeon_gold_6140msimatic_cpu_1518f-4xeon_gold_5220txeon_platinum_8276lxeon_w-2223xeon_e5-2679_v4core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_gold_6129xeon_platinum_9222xeon_gold_6230tcore_i7-7660ucore_i7-6600ucore_i7-8706gxeon_gold_6126tcore_i7-11700fxeon_platinum_8165xeon_w-3225xeon_gold_6135xeon_e3-1565l_v5xeon_e-2236xeon_w-1370core_i7-10850hxeon_e5-1603_v4core_i7-1185grexeon_e5-2408l_v3core_i7-11375hxeon_e3-1240_v6xeon_d-1573ncore_i7-8700core_i7-7700tcore_i7-10700txeon_e5-1630_v4xeon_e5-4660_v3xeon_gold_6246core_i7-8086kxeon_w-2295core_i7-6770hqcore_i7-8700kxeon_e5-2603_v3fas_biosxeon_e-2134xeon_e5-2667_v3xeon_gold_5215xeon_e5-4655_v3xeon_d-2143itxeon_d-2163itxeon_e5-2699_v4xeon_e3-1285_v6xeon_w-1390tsimatic_cpu_1518-4xeon_w-1270xeon_e3-1225_v6xeon_platinum_8284xeon_silver_4109tcore_i7-10510yxeon_e3-1240l_v5xeon_e5-2690_v3xeon_e5-4655_v4xeon_gold_5215lxeon_silver_4215rxeon_e5-2658_v4xeon_gold_6138fcore_i7-11800hxeon_e5-1630_v3xeon_silver_4210txeon_e5-2680_v3xeon_gold_6212uxeon_e3-1205_v6core_i7-7700hqxeon_w-1270texeon_silver_4114xeon_e5-2698_v3core_i7-6498duxeon_e3-1245_v5core_i7-6870hqxeon_gold_6258rxeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2637_v3xeon_e5-1620_v3xeon_gold_6250xeon_d-2173itcore_i7-11700txeon_w-11855mxeon_d-2123itxeon_gold_5219yxeon_e-2246gxeon_w-3265mxeon_d-1627xeon_e5-2637_v4xeon_e5-2687w_v3xeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4xeon_gold_5218txeon_e5-2697a_v4xeon_gold_6150xeon_gold_6140xeon_e5-2690_v4xeon_e5-2609_v4core_i7-7920hqxeon_platinum_8174xeon_d-1612xeon_e-2254mlxeon_e3-1545m_v5core_i7-10700core_i9-10920xxeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_gold_6126xeon_e3-1260l_v5xeon_w-1250exeon_e5-2643_v4xeon_d-1563nxeon_e5-2699a_v4simatic_cpu_1518-4_firmwarecore_i7-10875hxeon_e-2276mlxeon_e-2244gxeon_e-2176gxeon_gold_6142fcore_i3-l13g4core_i7-8709gxeon_e5-4650_v3xeon_e5-2650l_v4xeon_gold_6130xeon_e-2104gxeon_platinum_8260core_i7-8557usimatic_ipc547gcore_i7-8700txeon_platinum_9242core_i7-6820hqxeon_platinum_8280lxeon_silver_4110core_i7-8650uxeon_bronze_3204xeon_gold_5119tcore_i7-1180g7core_i7-6700tcore_i7-6920hqxeon_gold_6246rxeon_e3-1230_v6xeon_gold_5217xeon_gold_6230nxeon_gold_6143xeon_w-3265xeon_gold_5218nxeon_e5-2620_v4xeon_gold_6138txeon_w-3245xeon_gold_5120core_i7-1185g7core_i7-1195g7xeon_e-2124gcore_i7-1165g7xeon_e5-2618l_v3xeon_d-1523nxeon_e5-2608l_v3core_i7-10700texeon_e-2288gxeon_d-1653nxeon_gold_5220xeon_e-2234xeon_d-1577xeon_d-1637xeon_gold_6254xeon_gold_6269yxeon_silver_4114tcore_i7-6700kxeon_gold_6240yxeon_e5-4669_v4aff_biosxeon_gold_6154xeon_w-1250xeon_e5-2640_v4hci_storage_node_biosxeon_gold_6208uxeon_e7-8893_v4xeon_w-1290exeon_e5-1650_v3xeon_w-3275core_i7-11700bxeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_silver_4116xeon_w-1270exeon_d-1633ncore_i7-7820eqxeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_e5-2695_v3xeon_gold_6248xeon_e3-1220_v6xeon_w-1370pxeon_platinum_8280xeon_e-2186mxeon_e5-1660_v3xeon_d-1520xeon_e-2176mcore_i7-6785rcore_i7-6820hkxeon_platinum_8256xeon_gold_6152core_i7-1060ng7xeon_e5-2623_v3xeon_platinum_8158xeon_e5-2658a_v3xeon_e5-2418l_v3xeon_w-1290pxeon_e-2286gxeon_gold_6222vxeon_platinum_8176xeon_gold_6242xeon_e3-1275_v6xeon_d-1531core_i7-10810uxeon_e3-1575m_v5xeon_e-2278gxeon_e5-2650_v4xeon_platinum_8260yxeon_e3-1505l_v5xeon_platinum_8270xeon_d-1533nxeon_gold_6242rxeon_e3-1245_v6xeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_platinum_8180mcore_i7-8850hxeon_gold_5118xeon_w-2235xeon_e5-2695_v4xeon_gold_6130fxeon_w-11955mcore_i7-6820eqxeon_gold_6134mcore_i9-10900xxeon_platinum_8276xeon_gold_6238txeon_e3-1235l_v5xeon_silver_4214yxeon_e5-2603_v4core_i9-10980xexeon_e5-4628l_v4xeon_e7-8860_v4xeon_w-1350xeon_silver_4106hxeon_gold_6138pcore_i7-8665uexeon_w-1290xeon_platinum_8176fxeon_d-1524nsolidfire_biosxeon_gold_6240rxeon_w-10885mxeon_w-2275xeon_d-1543nxeon_gold_6226xeon_e-2144gxeon_gold_6256xeon_d-1521xeon_w-1350pxeon_gold_6230rcore_i7-8569uxeon_gold_6252xeon_e5-4640_v3core_i7-1185g7exeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_e5-1607_v4core_i7-1065g7xeon_platinum_8260lxeon_e5-1428l_v3core_i7-8559uxeon_platinum_8170mxeon_e-2146gxeon_platinum_8180xeon_d-2177ntxeon_e5-2650l_v3xeon_w-2175Intel(R) Processors
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12336
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:15
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2020-12318
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:11
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-ac_8265proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi
CVE-2020-12345
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.29% / 51.88%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:55
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) Data Center Manager Console
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2020-12331
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access controls in Intel Unite(R) Cloud Service client before version 4.2.12212 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-unite_cloud_service_clientIntel Unite(R) Cloud Service client
CVE-2020-12334
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-advisor_toolsIntel(R) Advisor tools
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2020-12320
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:15
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-scs_add-on_for_microsoft_sccmIntel(R) SCS Add-on for Microsoft* SCCM
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-12307
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:13
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-high_definition_audio_driverIntel(R) High Definition Audio drivers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-12354
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.98%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_software_development_kitIntel(R) AMT SDK
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-12369
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:50
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-12330
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:16
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-falcon_8\+_uas_asctec_thermal_viewerfalcon_8\+_uas_asctec_thermal_viewer_firmwareall versions
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2020-12385
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:50
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12380
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:55
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hns2600bpb24rr1304wftysrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprhns2600bpbr1304wftyshns2600bpqr2224wfqzsr1000wfhns2600bpblc24rs2600bpqrhns2600bpbrs2600stqhns2600bpblcr2308wftzshns2600bpsrr1208wftysrr2208wf0zsr2208wftzsr2312wf0npr1208wfqysrr2224wftzsrr2208wfqzsrs2600stbr2224wftzsr2312wftzsrr2308wftzsrs2600wf0bmc_firmwarehns2600bps24rhns2600bpqrs2600wfqr2208wfqzshns2600bpshns2600bpq24rhns2600bpb24hns2600bps24r1304wf0ysrhns2600bpq24s2600wfts2600bpbrhns2600bpblc24s2600bpsrr2312wfqzsr2312wftzsIntel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12333
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.81%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT for Linux
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-12384
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:52
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CVE-2020-12297
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:05
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_and_manageability_enginetrusted_execution_technologyIntel(R) CSME, Intel TXE
CVE-2020-12304
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.29%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:05
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsdynamic_application_loader_software_developement_kitIntel(R) DAL SDK
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found