Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-38102

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Aug, 2023 | 02:36
Updated At-13 Feb, 2025 | 16:32
Rejected At-
Credits

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Aug, 2023 | 02:36
Updated At:13 Feb, 2025 | 16:32
Rejected At:
▼CVE Numbering Authority (CNA)

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Converged Security and Management Engine
Default Status
unaffected
Versions
Affected
  • before versions 15.0.45, and 16.1.27
Problem Types
TypeCWE IDDescription
N/AN/Adenial of service
CWECWE-20Improper Input validation
Type: N/A
CWE ID: N/A
Description: denial of service
Type: CWE
CWE ID: CWE-20
Description: Improper Input validation
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
N/A
https://security.netapp.com/advisory/ntap-20230824-0002/
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20230824-0002/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
x_transferred
https://security.netapp.com/advisory/ntap-20230824-0002/
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20230824-0002/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Aug, 2023 | 03:15
Updated At:07 Nov, 2023 | 03:50

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.2HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
Type: Primary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
CPE Matches
Intel Corporation
intel
>>converged_security_management_engine_firmware>>Versions before 16.1.27(exclusive)
cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>b660>>-
cpe:2.3:h:intel:b660:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>h610>>-
cpe:2.3:h:intel:h610:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>h610e>>-
cpe:2.3:h:intel:h610e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>h670>>-
cpe:2.3:h:intel:h670:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>hm670>>-
cpe:2.3:h:intel:hm670:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>q670>>-
cpe:2.3:h:intel:q670:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>q670e>>-
cpe:2.3:h:intel:q670e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>r680e>>-
cpe:2.3:h:intel:r680e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>w680>>-
cpe:2.3:h:intel:w680:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>wm690>>-
cpe:2.3:h:intel:wm690:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>z690>>-
cpe:2.3:h:intel:z690:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>converged_security_management_engine_firmware>>Versions before 15.0.45(exclusive)
cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6200fe>>-
cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6211e>>-
cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6212re>>-
cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6214re>>-
cpe:2.3:h:intel:atom_x6214re:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6413e>>-
cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6414re>>-
cpe:2.3:h:intel:atom_x6414re:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6416re>>-
cpe:2.3:h:intel:atom_x6416re:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6425e>>-
cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6425re>>-
cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>atom_x6427fe>>-
cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>b560>>-
cpe:2.3:h:intel:b560:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>c252>>-
cpe:2.3:h:intel:c252:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>c256>>-
cpe:2.3:h:intel:c256:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j1750>>-
cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j1800>>-
cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j1850>>-
cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j1900>>-
cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3060>>-
cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3160>>-
cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3355>>-
cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3355e>>-
cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3455>>-
cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j3455e>>-
cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j4005>>-
cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j4025>>-
cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j4105>>-
cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j4125>>-
cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j6412>>-
cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_j6413>>-
cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2805>>-
cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2806>>-
cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2807>>-
cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2808>>-
cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2810>>-
cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2815>>-
cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2820>>-
cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>celeron_n2830>>-
cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-20Secondarysecure@intel.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.htmlsecure@intel.com
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230824-0002/secure@intel.com
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html
Source: secure@intel.com
Resource:
Vendor Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20230824-0002/
Source: secure@intel.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

335Records found
CVE-2020-24493
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:40
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x710-da2_for_ocp_3.0ethernet_network_adapter_x710-t4ethernet_network_adapter_xl710-qda1ethernet_network_adapter_xxv710-da2tethernet_network_adapter_xl710-qda2_for_open_compute_projectethernet_network_adapter_xl710-bm1ethernet_network_adapter_x710-am2ethernet_network_adapter_x710-t2lethernet_network_adapter_xxv710-da1_for_ocpethernet_network_adapter_x722-da2ethernet_network_adapter_xxv710-am2ethernet_network_adapter_v710-at2ethernet_network_adapter_x710-tm4ethernet_network_adapter_xxv710-dax_for_ocpethernet_network_adapter_x722-da4ethernet_network_adapter_x710-da4_for_ocp_3.0ethernet_network_adapter_x710-da2ethernet_network_adapter_x710-da2_for_ocpethernet_network_adapter_x710-da4ethernet_network_adapter_x710-bm2ethernet_network_adapter_xl710-am1ethernet_network_adapter_xxv710-da1ethernet_network_adapter_x710-t2l_for_ocp_3.0ethernet_network_adapter_xl710-am2ethernet_network_adapter_xl710-qda1_for_open_compute_projectethernet_network_adapter_xxv710-da2ethernet_network_adapter_x710-t4lethernet_network_adapter_700_firmwareethernet_network_adapter_x710-at2ethernet_network_adapter_xlk710-qda2ethernet_network_adapter_xxv710-am1ethernet_network_adapter_xl710-bm2ethernet_network_adapter_x710-t4l_for_ocp_3.0Intel(R) 700-series of Ethernet Controllers
CVE-2020-24498
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 20.17%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:41
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda1_for_ocpethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda2_for_ocpethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810_firmwareethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) E810 Ethernet Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-24500
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 20.17%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:43
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda1_for_ocpethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda2_for_ocpethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810_firmwareethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) E810 Ethernet Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-24492
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:39
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_x722-da2_firmwareethernet_network_adapter_x722-da4_firmwareethernet_network_adapter_x722-da2ethernet_network_adapter_x722-da4Intel(R) 722 Ethernet Controllers
CVE-2020-0522
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:57
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i210-atethernet_controller_i210-csethernet_controller_i210-clethernet_controller_i210-isethernet_controller_i210-itethernet_controller_i210_firmwareIntel(R) Ethernet I210 Controller series of network adapters
CWE ID-CWE-665
Improper Initialization
CVE-2020-0525
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:58
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i210-atethernet_controller_i210-csethernet_controller_i210-clethernet_controller_i210-isethernet_controller_i210-itethernet_controller_i210_firmwareIntel(R) Ethernet I210 Controller series of network adapters
CVE-2020-0523
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:57
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i210-atethernet_controller_i210-csethernet_controller_i210-clethernet_controller_i210-isethernet_controller_i210-itethernet_controller_i210_firmwareIntel(R) Ethernet I210 Controller series of network adapters
CVE-2020-0507
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 17:41
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service path in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-graphics_driverIntel(R) Graphics Drivers
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-32285
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.03% / 10.22%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-01 Oct, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_nuc7i3bnhx1nuc_kit_nuc7i5bnkp_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_board_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnkpnuc_mini_pc_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i3bnhx1nuc_kit_nuc7i5bnbnuc_kit_nuc7i3bnhxfnuc_kit_nuc7i5bnhnuc_board_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i7bnh_firmwarenuc_enthusiast_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_board_nuc7i3bnb_firmwarenuc_enthusiast_nuc7i5bnkpnuc_board_nuc7i5bnhnuc_enthusiast_nuc7i5bnkp_firmwarenuc_board_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i7bnh_firmwarenuc_kit_nuc7i7bnhnuc_board_nuc7i5bnh_firmwarenuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_board_nuc7i5bnhx1_firmwarenuc_board_nuc7i7bnhx1nuc_board_nuc7i7bnb_firmwarenuc_board_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i7bnkq_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i5bnh_firmwarenuc_board_nuc7i7bnhx1_firmwarenuc_mini_pc_nuc7i5bnbnuc_mini_pc_nuc7i7bnbnuc_enthusiast_nuc7i3bnhxf_firmwarenuc_kit_nuc7i5bnhxfnuc_enthusiast_nuc7i3bnh_firmwarenuc_mini_pc_nuc7i5bnhcompute_element_stk2mv64ccnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i7bnhxgnuc_board_nuc7i3bnhxfnuc_kit_nuc7i5bnhx1_firmwarenuc_board_nuc7i5bnhxfnuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_enthusiast_nuc7i3bnhnuc_mini_pc_nuc7i3bnhnuc_enthusiast_nuc7i7bnbnuc_board_nuc7i5bnkp_firmwarenuc_enthusiast_nuc7i7bnhx1nuc_kit_nuc6cays_firmwarenuc_kit_nuc7i7bnkqnuc_mini_pc_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnbnuc_kit_nuc7i5bnkpnuc_board_nuc7i7bnhnuc_kit_nuc7i3bnbnuc_mini_pc_nuc7i3bnbnuc_enthusiast_nuc7i3bnb_firmwarenuc_mini_pc_nuc7i7bnkqnuc_enthusiast_nuc7i7bnb_firmwarenuc_enthusiast_nuc7i7bnkqnuc_mini_pc_nuc7i5bnhxfnuc_kit_nuc7i3bnhxf_firmwarenuc_enthusiast_nuc7i5bnk_firmwarenuc_board_nuc7i3bnhnuc_enthusiast_nuc7i3bnbnuc_enthusiast_nuc7i7bnhxgnuc_enthusiast_nuc7i5bnhxfnuc_board_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhxgnuc_kit_nuc7i5bnhx1nuc_mini_pc_nuc7i3bnh_firmwarenuc_enthusiast_nuc7i5bnbnuc_board_nuc7i5bnkpnuc_enthusiast_nuc7i5bnb_firmwarecompute_element_stk2mv64cc_firmwarenuc_mini_pc_nuc7i3bnhx1nuc_board_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnb_firmwarenuc_kit_nuc7i7bnb_firmwarenuc_board_nuc7i3bnhxf_firmwarenuc_mini_pc_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i5bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1_firmwarenuc_kit_nuc6caysnuc_mini_pc_nuc7i5bnknuc_enthusiast_nuc7i5bnknuc_kit_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i5bnhx1_firmwarenuc_mini_pc_nuc7i7bnb_firmwarenuc_mini_pc_nuc7i5bnkp_firmwarenuc_kit_nuc6cayhnuc_enthusiast_nuc7i3bnknuc_board_nuc7i3bnbnuc_board_nuc7i7bnhxgnuc_kit_nuc7i7bnhxg_firmwarenuc_board_nuc7i3bnknuc_kit_nuc7i5bnhxf_firmwarenuc_mini_pc_nuc7i7bnhx1nuc_kit_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhnuc_enthusiast_nuc7i5bnhnuc_enthusiast_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhx1_firmwarenuc_kit_nuc7i7bnhx1_firmwarenuc_enthusiast_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i3bnhx1_firmwarenuc_board_nuc7i7bnkqnuc_board_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i3bnb_firmwarenuc_board_nuc7i5bnhx1nuc_kit_nuc7i7bnkq_firmwarenuc_mini_pc_nuc7i7bnhx1_firmwarenuc_board_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhnuc_mini_pc_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i3bnknuc_board_nuc7i5bnknuc_kit_nuc7i5bnb_firmwarenuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbIntel(R) NUC BIOS firmware
CWE ID-CWE-284
Improper Access Control
CVE-2020-0545
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 27.90%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 14:00
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_servicestrusted_execution_engineconverged_security_management_engine_firmwareIntel(R) CSME, Intel(R) TXE, and Intel(R) SPS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14625
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 15.47%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 17:43
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in on-card storage for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-Intel Corporation
Product-field_programmable_gate_array_programmable_acceleration_card_n3000_firmwarefield_programmable_gate_array_programmable_acceleration_card_n3000Intel(R) FPGA Programmable Acceleration Card N3000
CVE-2025-27243
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.76%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-17 Mar, 2026 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-xxvda4_for_ocp_3.0ethernet_network_adapter_e810-xxvda4tethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810-2cqda2ethernet_controllerethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-cqda2tethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda2_for_ocp_3.0Intel(R) Ethernet Controller E810
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-24851
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.02% / 4.76%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-17 Mar, 2026 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_network_adapter_e810-xxvda2ethernet_network_adapter_e810-xxvda4ethernet_network_adapter_e810-xxvda4_for_ocp_3.0ethernet_network_adapter_e810-xxvda4tethernet_network_adapter_e810-xxvda2_for_ocp_3.0ethernet_network_adapter_e810-2cqda2ethernet_controllerethernet_network_adapter_e810-cqda2ethernet_network_adapter_e810-cqda1ethernet_network_adapter_e810-cqda2tethernet_network_adapter_e810-cqda1_for_ocp_3.0ethernet_network_adapter_e810-cqda2_for_ocp_3.0100GbE Intel(R) Ethernet Controller E810
CWE ID-CWE-248
Uncaught Exception
CVE-2023-30763
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.36%
||
7 Day CHG~0.00%
Published-12 May, 2023 | 14:01
Updated-24 Jan, 2025 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolsoc_watchoneapi_base_toolkitIntel(R) SoC Watch based software
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29243
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.11%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-04 Oct, 2024 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a priviledged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-252
Unchecked Return Value
CVE-2023-36860
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.6||HIGH
EPSS-0.22% / 44.79%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34431
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.13%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bps24compute_module_hns2600bpblc24rserver_board_s2600bpsserver_board_s2600bpqrcompute_module_hns2600bps_firmwarecompute_module_hns2600bpq24_firmwarecompute_module_hns2600bpq_firmwarecompute_module_hns2600bpblc24_firmwareserver_board_s2600bpqr_firmwareserver_system_vrn2224bphy6compute_module_hns2600bpq24r_firmwarecompute_module_hns2600bps24rcompute_module_hns2600bpbserver_board_s2600bpb_firmwarecompute_module_hns2600bpsrcompute_module_liquid-cooled_hns2600bpbrctserver_system_m70klp4s2uhhserver_system_vrn2224bphy6_firmwarecompute_module_hns2600bpblc_firmwarecompute_module_hns2600bpblcrcompute_module_hns2600bpbr_firmwareserver_system_m20ntp1ur304server_system_vrn2224bpaf6compute_module_hns2600bpqrcompute_module_hns2600bpbrserver_system_vrn2224bpaf6_firmwarecompute_module_hns2600bpb_firmwareserver_board_m20ntp2sbserver_board_m10jnp2sb_firmwareserver_board_s2600bpbrserver_system_m70klp4s2uhh_firmwareserver_board_m70klp2sbcompute_module_hns2600bps24_firmwarecompute_module_hns2600bps24r_firmwareserver_system_zsb2224bpaf2compute_module_hns2600bpsr_firmwarecompute_module_hns2600bpb24_firmwareserver_system_mcb2208wfaf5_firmwarecompute_module_liquid-cooled_hns2600bpbrct_firmwareserver_board_s2600bpbr_firmwarecompute_module_hns2600bpqcompute_module_hns2600bpblcr_firmwareserver_board_s2600bpbcompute_module_hns2600bpblc24server_system_zsb2224bphy1_firmwareserver_system_m20ntp1ur304_firmwareserver_board_m70klp2sb_firmwarecompute_module_hns2600bpblc24r_firmwareserver_board_s2600bpqserver_board_m10jnp2sbserver_system_zsb2224bpaf1server_board_s2600bpq_firmwarecompute_module_hns2600bpblcserver_system_zsb2224bpaf1_firmwareserver_board_s2600bpsrcompute_module_hns2600bpqr_firmwareserver_board_s2600bps_firmwarecompute_module_hns2600bpsserver_board_s2600bpsr_firmwarecompute_module_hns2600bpb24server_system_zsb2224bphy1server_system_zsb2224bpaf2_firmwarecompute_module_hns2600bpq24rcompute_module_hns2600bpq24server_board_m20ntp2sb_firmwareserver_system_mcb2208wfaf5Intel(R) Server Board BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32617
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.73%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_7_home_nuc7i3bnhxfnuc_board_nuc7i3bnbnuc_7_home_nuc7i3bnhxf_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_board_nuc8cchbnuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc7i7bnhx1_firmwarecompute_stick_stk2mv64cc_firmwarenuc_7_enthusiast_nuc7i7bnkq_firmwarenuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc7i5bnhx1nuc_kit_nuc6cayh_firmwarenuc_7_home_nuc7i5bnkpnuc_7_enthusiast_nuc7i7bnhxg_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_board_nuc8cchb_firmwarenuc_7_home_nuc7i5bnhxfnuc_8_rugged_board_nuc8cchbn_firmwarenuc_kit_nuc7i5bnhnuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_kit_nuc6cays_firmwarenuc_board_nuc7i5bnb_firmwarenuc_board_nuc7i3bnb_firmwarenuc_7_home_nuc7i5bnkp_firmwarenuc_7_enthusiast_nuc7i7bnhxgnuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_7_home_nuc7i5bnhxf_firmwarecompute_stick_stk2mv64ccnuc_kit_nuc6caysnuc_kit_nuc7i7bnh_firmwarenuc_8_rugged_board_nuc8cchbnnuc_board_nuc7i7bnb_firmwarenuc_8_rugged_kit_nuc8cchkrnnuc_7_enthusiast_nuc7i7bnkqnuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbnuc_kit_nuc6cayhIntel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29495
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.57%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-09 May, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_mainstream-g_kit_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29494
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.78%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-18 Oct, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/abios_firmwareIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_kit_nuc11tnki70znuc_11_pro_kit_nuc11tnki3_firmwarenuc_11_pro_kit_nuc11tnhi3nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_board_nuc11tnbi30z_firmwarenuc_11_pro_board_nuc11tnbi5nuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_11_pro_kit_nuc11tnki30znuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnki5_firmwarenuc_11_pro_kit_nuc11tnhi70znuc_11_pro_kit_nuc11tnhi50wnuc_11_pro_kit_nuc11tnki50z_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnhi70q_firmwarenuc_11_pro_kit_nuc11tnki5nuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_11_pro_kit_nuc11tnhi7nuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnhi50lnuc_11_pro_kit_nuc11tnki7nuc_11_pro_board_nuc11tnbi7nuc_11_pro_kit_nuc11tnhi50w_firmwarenuc_11_pro_kit_nuc11tnhi30l_firmwarenuc_11_pro_kit_nuc11tnki3nuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50znuc_11_pro_kit_nuc11tnki70z_firmwarenuc_11_pro_board_nuc11tnbi3_firmwareIntel(R) NUCsintel_r_nucs
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33115
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.51% / 66.91%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uefi_wifi_driverac_9461ac_7265ac_3168ac_9560ac_8260ac_8265ac_9260ax201ax210ax200ac_3165ac_9462Intel(R) PROSet/Wireless WiFi in UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27519
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.05% / 15.03%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-11 Jun, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4800x_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_905poptane_ssd_900poptane_ssd_dc_p4801xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4800xoptane_ssd_905p_firmwareoptane_ssd_900p_firmwareIntel(R) Optane(TM) SSD products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28402
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.45%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) BIOS Guard firmwarecomet_lake
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28374
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.07% / 20.80%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesswi-fi_6e_ax211killerkiller_wi-fi_6e_ax1675wi-fi_6e_ax411proset_wi-fi_6e_ax210Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33114
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.17% / 38.66%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ac_9462_firmwarewindows_10ac_9560_firmwarewindows_11ax200_firmwareax210_firmwareac_8260_firmwareac_7265_firmwareac_1550_firmwareac_9461_firmwareac_9260_firmwareax1650_firmwareac_3168_firmwareax1675_firmwareac_3165_firmwareac_8265_firmwareax201_firmwareIntel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2023-26587
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-easy_streaming_wizardIntel(R) Easy Streaming Wizard software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33142
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.05% / 15.99%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-09 Jan, 2026 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i225-lm_firmwareethernet_controller_i225-v_firmwareethernet_controller_i225-itethernet_adapter_complete_driverethernet_controller_i225-lmethernet_controller_i225-it_firmwareethernet_controller_i225-vIntel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33141
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.6||HIGH
EPSS-0.13% / 32.35%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-09 Jan, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i225-lm_firmwareethernet_controller_i225-v_firmwareethernet_controller_i225-itethernet_adapter_complete_driverethernet_controller_i225-lmethernet_controller_i225-it_firmwareethernet_controller_i225-vIntel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmwareethernet_adapterethernet_controller_i225_manageability_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33110
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 54.07%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ac_9462_firmwarewindows_10ac_9560_firmwarewindows_11ax200_firmwareax210_firmwareac_8260_firmwareac_7265_firmwareac_1550_firmwareac_9461_firmwareac_9260_firmwareax1650_firmwareac_3168_firmwareax1675_firmwareac_3165_firmwareac_8265_firmwareax201_firmwareIntel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33098
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.52%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:12
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_500_series_controllers_driverethernet_connection_x540ethernet_connection_x557ethernet_connection_x550Intel(R) Ethernet ixgbe driver for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2021-33146
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.06%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-09 Jan, 2026 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_i225-lm_firmwareethernet_controller_i225-v_firmwareethernet_controller_i225-itethernet_adapter_complete_driverethernet_controller_i225-lmethernet_controller_i225-it_firmwareethernet_controller_i225-vIntel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmwareethernet_adapterethernet_controller_i225_manageability_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-20032
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.3||HIGH
EPSS-0.09% / 25.02%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 21:01
Updated-10 Sep, 2025 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_7_be200proset\/wireless_wifiwi-fi_7_be201wi-fi_6_ax203wi-fi_6_ax101wi-fi_6_ax201wi-fi_7_be202Intel(R) PROSet/Wireless WiFi Software for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14609
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:11
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11179
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 60.14%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11108
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:10
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11103
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.48%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11085
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.51%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-i915_firmwarei915Intel(R) i915 Graphics for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11180
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.90% / 76.15%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11107
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 64.31%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.60%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_dn2820fykhnuc_kit_d54250wybnuc_kit_nuc7cjyhnuc_kit_nuc5i7ryhnuc_kit_nuc6i7kyknuc_kit_de3815tybenuc_kit_nuc8i7hnknuc_kit_nuc5cpyhnuc_kit_nuc7i7bnhnuc_kit_d33217gkenuc_kit_nuc6caysnuc_kit_nuc5pgyhnuc_kit_nuc5i5myhenuc_kit_d53427rkenuc_kit_nuc7i3dnhenuc_kit_nuc6i5syhnuc_kit_nuc7i5dnkenuc_kit_firmwarenuc_kit_nuc5i3myhenuc_kit_nuc7i7dnkeIntel (R) NUC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11175
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 75.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:37
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25772
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 17.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:40
Updated-24 Jan, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-retail_edge_programIntel(R) Retail Edge Mobile Android application
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11123
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.01%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stck1a32wfccompute_stick_firmwarecompute_card_cd1iv128mkcompute_card_firmwarenuc_kit_nuc8i3bexnuc_kit_firmwarecompute_card_cd1c64gkcompute_stick_stck1a8lfccompute_card_cd1m3128mkcompute_stick_stk2m364cccompute_card_cd1p64gkcompute_stick_stk2m3w64ccIntel(R) NUC Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11101
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 34.04%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11137
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.15% / 35.17%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:56
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationHewlett Packard Enterprise (HPE)
Product-xeon_platinum_8153atom_c3858_firmwarexeon_bronze_3104_firmwarexeon_e5-4610_v4xeon_e7-8894_v4xeon_e5-2608l_v4_firmwarexeon_gold_6146xeon_gold_6126f_firmwareatom_c3830_firmwarexeon_platinum_8168_firmwarexeon_silver_4108_firmwareapollo_4200_gen10_serverxeon_d-1527xeon_e5-2697_v4xeon_gold_5115synergy_620_gen9_compute_modulexeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_gold_5217_firmwareproliant_bl460c_gen9_server_bladeproliant_dl160_gen9_server_firmwarexeon_gold_6138xeon_e5-4650_v4xeon_e7-8880_v4atom_c3336_firmwarexeon_d-2163it_firmwarexeon_e5-1660_v4proliant_bl660c_gen9_serverxeon_e7-8891_v4xeon_platinum_8164xeon_d-1521_firmwareproliant_ml350_gen9_server_firmwarexeon_gold_6240_firmwarexeon_d-1557_firmwareatom_c3708_firmwareproliant_dl60_gen9_serverxeon_d-1518atom_c2550synergy_620_gen9_compute_module_firmwarexeon_platinum_8268_firmwarexeon_gold_6248_firmwarexeon_gold_6262vxeon_e5-2609_v4_firmwarexeon_platinum_8168xeon_e5-2683_v4atom_c2538_firmwarexeon_e5-2608l_v4xeon_gold_5218xeon_e5-1620_v4xeon_gold_6238m_firmwarexeon_d-1567_firmwarexeon_d-1567xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_gold_6138t_firmwarexeon_silver_4116_firmwarexeon_d-2173it_firmwarexeon_gold_5122xeon_platinum_8180_firmwarexeon_silver_4210_firmwareapollo_4200_gen9_server_firmwarexeon_gold_6126_firmwarexeon_d-2191proliant_dl380_gen9_serverxeon_e7-8870_v4_firmwarexeon_e5-4627_v4_firmwareproliant_ml110_gen9_server_firmwarexeon_platinum_8276_firmwarexeon_e7-8870_v4xeon_gold_6240xeon_gold_6150_firmwarexeon_platinum_8156xeon_bronze_3106_firmwarexeon_d-2177nt_firmwarexeon_gold_6138_firmwarexeon_e7-8893_v4_firmwarexeon_d-1533n_firmwarexeon_e5-2667_v4_firmwarexeon_gold_5220s_firmwarexeon_gold_5215_firmwarexeon_e5-2667_v4proliant_xl230a_gen9_server_firmwarexeon_platinum_8274proliant_dl580_gen9_serverxeon_gold_6126fxeon_d-1539xeon_silver_4109t_firmwarexeon_e5-1680_v4xeon_silver_4114_firmwarexeon_gold_6230_firmwarexeon_d-2146ntproliant_xl250a_gen9_server_firmwarexeon_platinum_8280l_firmwarexeon_platinum_8160fxeon_d-1577_firmwareatom_c2550_firmwarexeon_e5-4660_v4atom_c3538_firmwarexeon_gold_6210uxeon_d-2187ntatom_c2738xeon_e5-4669_v4_firmwarexeon_platinum_8158_firmwarexeon_d-2166ntxeon_gold_5120_firmwarexeon_gold_6140m_firmwarexeon_silver_4216xeon_platinum_8253xeon_gold_6230xeon_e5-2630l_v4xeon_gold_6134_firmwarexeon_e5-4667_v4atom_c3336atom_c3958xeon_e5-2628l_v4xeon_gold_6130t_firmwareproliant_dl380_gen10_server_firmwarexeon_d-2183itxeon_e5-2690_v4_firmwarexeon_e5-2630_v4xeon_d-1622atom_c2350_firmwarexeon_d-2145ntxeon_e5-1650_v4xeon_gold_6238xeon_gold_6126t_firmwarexeon_silver_4208xeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_gold_5220sxeon_platinum_8280m_firmwarexeon_e7-8890_v4_firmwareapollo_4200_gen9_serverxeon_platinum_9282xeon_d-1513n_firmwarexeon_platinum_9242_firmwarexeon_e5-1620_v4_firmwarexeon_silver_4108xeon_gold_6130txeon_silver_4210xeon_platinum_8256_firmwarexeon_e5-2618l_v4_firmwarexeon_e5-2637_v4_firmwarexeon_e7-8867_v4atom_c2358_firmwareproliant_ml350_gen10_serverproliant_ml150_gen9_server_firmwarexeon_platinum_8276matom_c2338xeon_bronze_3106synergy_480_gen10_compute_module_firmwarexeon_gold_6238matom_c3708atom_c2518_firmwarexeon_d-1540xeon_platinum_8160txeon_e5-2698_v4xeon_d-1528xeon_e5-4627_v4proliant_e910_server_blade_firmwarexeon_d-2141ixeon_e5-2660_v4xeon_d-1541xeon_e7-4830_v4xeon_silver_4208_firmwarexeon_d-1633n_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwareproliant_xl230a_gen9_serverxeon_gold_5222proliant_ws460c_gen9_graphics_server_blade_firmwarexeon_e5-2687w_v4xeon_e5-2630_v4_firmwareatom_c2516synergy_680_gen9_compute_module_firmwarexeon_gold_6240mxeon_e5-4667_v4_firmwarexeon_d-1548xeon_e5-2699a_v4_firmwarexeon_d-1649nxeon_d-1529xeon_e5-2603_v4_firmwareatom_c3308_firmwarexeon_platinum_8160xeon_gold_5115_firmwareproliant_ml110_gen10_server_firmwarexeon_platinum_8156_firmwarexeon_e5-4660_v4_firmwareproliant_xl270d_gen10_serverxeon_gold_5118_firmwarexeon_e7-4809_v4proliant_xl450_gen9_serveratom_c2718xeon_gold_6146_firmwarexeon_gold_6148fxeon_e5-2630l_v4_firmwareatom_c2750xeon_gold_5218_firmwarexeon_gold_6132xeon_gold_6238t_firmwareatom_c3338atom_c2316xeon_e5-2618l_v4xeon_e7-8891_v4_firmwarexeon_e5-2650l_v4_firmwareatom_c2358proliant_dl580_gen10_serverxeon_platinum_8160_firmwarexeon_d-1623nproliant_xl170r_gen10_serveratom_c2508_firmwarexeon_e7-8894_v4_firmwareproliant_dl360_gen9_server_firmwareproliant_xl450_gen9_server_firmwarexeon_gold_6148_firmwarexeon_gold_5220t_firmwarexeon_e5-4610_v4_firmwarexeon_platinum_8253_firmwarexeon_gold_5220_firmwarexeon_d-1622_firmwareatom_c2538xeon_e5-2680_v4_firmwareproliant_e910_server_bladexeon_gold_6240m_firmwareatom_c2530_firmwarexeon_e5-1630_v4_firmwarexeon_silver_4214proliant_ml150_gen9_serverxeon_d-2161iatom_c3858xeon_platinum_8164_firmwaresynergy_680_gen9_compute_modulexeon_d-2141i_firmwareproliant_dl80_gen9_server_firmwareatom_c3558_firmwarexeon_gold_5218bproliant_dl160_gen10_server_firmwarexeon_e5-4640_v4_firmwarexeon_e5-1680_v4_firmwareproliant_xl270d_gen10_server_firmwarexeon_silver_4216_firmwarexeon_gold_6254_firmwarexeon_platinum_8284_firmwarexeon_e5-1650_v4_firmwarexeon_e5-2648l_v4xeon_e5-4620_v4proliant_dl380_gen10_serverxeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e7-8880_v4_firmwarexeon_gold_6209uxeon_d-1539_firmwarexeon_silver_4112xeon_d-1559xeon_gold_6130_firmwarexeon_gold_5120txeon_gold_6134proliant_bl460c_gen10_server_blade_firmwarexeon_gold_6222v_firmwarexeon_platinum_8160f_firmwareatom_c3558xeon_platinum_8260_firmwarexeon_e5-2648l_v4_firmwarexeon_d-2183it_firmwareatom_c3308proliant_xl170r_gen9_server_firmwarexeon_d-1557xeon_gold_6148xeon_e7-4850_v4xeon_gold_6144xeon_gold_6140mxeon_platinum_9282_firmwareatom_c3758xeon_d-1553n_firmwarexeon_gold_6128_firmwarexeon_gold_5220tatom_c3830atom_c2750_firmwarexeon_platinum_8276latom_c3750xeon_platinum_8170_firmwareproliant_dl560_gen10_serveratom_c2730xeon_d-1627_firmwareproliant_bl660c_gen9_server_firmwarexeon_gold_6126txeon_gold_6140_firmwarexeon_gold_6238_firmwareatom_c3950_firmwareproliant_xl250a_gen9_serverxeon_e5-2640_v4_firmwareatom_c2758_firmwarexeon_gold_6246xeon_e5-1630_v4atom_c3955_firmwareatom_c2758xeon_d-1527_firmwarexeon_e5-2683_v4_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e7-4850_v4_firmwarexeon_gold_5215mxeon_gold_5215proliant_xl450_gen10_server_firmwarexeon_d-2143itxeon_e5-2620_v4_firmwareproliant_xl190r_gen10_server_firmwarexeon_d-2163itsynergy_660_gen10_compute_modulexeon_e5-2699_v4xeon_gold_6244_firmwarexeon_d-2161i_firmwareatom_c3538xeon_platinum_8284xeon_silver_4109txeon_e5-2643_v4_firmwareatom_c2308_firmwarexeon_gold_5215lxeon_silver_4215_firmwarexeon_gold_5122_firmwarexeon_e5-4655_v4xeon_gold_6138fxeon_e5-2658_v4xeon_gold_6132_firmwarexeon_gold_6136_firmwareproliant_xl730f_gen9_serversynergy_480_gen9_compute_module_firmwareproliant_ml350_gen9_serverxeon_gold_6212u_firmwareatom_c2316_firmwarexeon_gold_6212uxeon_d-1531_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mxeon_gold_6240l_firmwarexeon_silver_4114atom_c3750_firmwarexeon_d-2123it_firmwaresynergy_480_gen9_compute_moduleatom_c3508xeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2699_v4_firmwarexeon_d-2173itxeon_d-2123itatom_c2338_firmwareatom_c2730_firmwarexeon_d-1627xeon_gold_5218n_firmwareproliant_ml350_gen10_server_firmwarexeon_e5-2637_v4proliant_dl120_gen10_server_firmwareproliant_dl180_gen9_serverxeon_platinum_8260y_firmwarexeon_gold_6144_firmwarexeon_e5-2695_v4_firmwarexeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4proliant_dl360_gen9_serverxeon_gold_5218txeon_gold_6240y_firmwarexeon_gold_6150xeon_e5-2697a_v4xeon_gold_6242_firmwarexeon_gold_6140xeon_e5-2690_v4xeon_d-1649n_firmwarexeon_e5-2609_v4proliant_dl360_gen10_serverxeon_e5-2658_v4_firmwarexeon_gold_6148f_firmwarexeon_d-2145nt_firmwareproliant_xl450_gen10_serverproliant_xl230k_gen10_serverxeon_d-1537_firmwarexeon_gold_6126xeon_d-1541_firmwarexeon_d-2166nt_firmwarexeon_d-1623n_firmwarexeon_e5-2699a_v4xeon_e5-2643_v4proliant_dl160_gen9_serverxeon_d-1548_firmwareatom_c3850_firmwarexeon_gold_6130f_firmwarexeon_d-1559_firmwareproliant_xl190r_gen10_serverxeon_e5-2698_v4_firmwareproliant_dl580_gen9_server_firmwarexeon_gold_6142fxeon_e7-4809_v4_firmwarexeon_platinum_8153_firmwarexeon_e5-2697a_v4_firmwarexeon_gold_6130xeon_e5-2650l_v4xeon_d-1529_firmwarexeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarexeon_d-1637_firmwareproliant_xl170r_gen10_server_firmwareproliant_dl360_gen10_server_firmwarexeon_platinum_8260xeon_platinum_8160t_firmwareproliant_ws460c_gen9_graphics_server_bladeproliant_bl460c_gen10_server_bladexeon_bronze_3204_firmwaresynergy_480_gen10_compute_modulexeon_silver_4214_firmwareatom_c2738_firmwarexeon_d-2142it_firmwareproliant_dl120_gen10_serverproliant_ml110_gen9_serverxeon_d-2143it_firmwarexeon_platinum_9242proliant_dl160_gen10_serversynergy_660_gen10_compute_module_firmwarexeon_platinum_8280lxeon_silver_4110xeon_bronze_3204xeon_d-1523n_firmwarexeon_platinum_8280_firmwareproliant_dl580_gen10_server_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwareatom_c3758_firmwareatom_c2558_firmwarexeon_gold_5218nxeon_gold_6246_firmwarexeon_gold_5222_firmwarexeon_gold_6138txeon_e5-2620_v4xeon_e7-4820_v4_firmwareproliant_dl80_gen9_serverxeon_gold_5120proliant_dl180_gen10_server_firmwarexeon_d-1523nxeon_gold_5220xeon_gold_6154_firmwarexeon_d-1653nproliant_dl120_gen9_server_firmwarexeon_e7-8860_v4_firmwarexeon_d-1637xeon_gold_6254xeon_silver_4209t_firmwarexeon_d-1577xeon_gold_6240yxeon_platinum_8176_firmwarexeon_e5-4669_v4xeon_gold_6154proliant_ml110_gen10_serverxeon_gold_5215l_firmwarexeon_d-1543n_firmwarexeon_e5-2640_v4xeon_e7-8893_v4xeon_gold_6252n_firmwarexeon_gold_5120t_firmwareproliant_dl560_gen9_server_firmwarexeon_d-1653n_firmwareproliant_xl230k_gen10_server_firmwarexeon_platinum_8270_firmwarexeon_d-1553natom_c3808_firmwarexeon_d-1571_firmwareatom_c3955xeon_silver_4209txeon_silver_4116xeon_d-1633nxeon_gold_6210u_firmwareproliant_xl170r_gen9_serveratom_c3850xeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_gold_6226_firmwarexeon_d-1518_firmwarexeon_platinum_8274_firmwarexeon_platinum_8280atom_c2558xeon_gold_6152_firmwarexeon_platinum_8176f_firmwarexeon_d-1520proliant_dl180_gen10_serverproliant_dl380_gen9_server_firmwarexeon_platinum_8256xeon_gold_6152xeon_d-2146nt_firmwarexeon_platinum_8158xeon_gold_6238l_firmwarexeon_e7-4830_v4_firmwareatom_c3508_firmwarexeon_gold_5218b_firmwarexeon_gold_6222vproliant_bl460c_gen9_server_blade_firmwarexeon_d-1520_firmwarexeon_platinum_8176xeon_gold_6242xeon_silver_4112_firmwarexeon_d-1531atom_c2518xeon_gold_6262v_firmwarexeon_e5-2660_v4_firmwarexeon_platinum_8260yxeon_platinum_8270xeon_e5-2650_v4xeon_platinum_8260m_firmwareproliant_dl560_gen9_serverxeon_d-1533nproliant_xl190r_gen9_serverxeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_gold_5118xeon_gold_6130fxeon_e5-2695_v4atom_c2530atom_c2508proliant_xl730f_gen9_server_firmwarexeon_gold_5215m_firmwarexeon_platinum_8276xeon_gold_6142f_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4proliant_xl190r_gen9_server_firmwarexeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e7-8860_v4atom_c2350atom_c2516_firmwareatom_c3338_firmwarexeon_platinum_8276m_firmwarexeon_platinum_8176fxeon_e7-8867_v4_firmwareatom_c2308xeon_e5-2623_v4_firmwareapollo_4200_gen10_server_firmwareatom_c3808xeon_d-1543nxeon_d-1528_firmwareproliant_dl120_gen9_serverxeon_gold_6226xeon_d-1521xeon_d-2191_firmwarexeon_gold_6252atom_c3950xeon_e5-4650_v4_firmwareproliant_dl560_gen10_server_firmwareatom_c2718_firmwarexeon_gold_6252_firmwarexeon_gold_6209u_firmwarexeon_silver_4110_firmwarexeon_platinum_8260lproliant_dl60_gen9_server_firmwarexeon_d-1602_firmwarexeon_platinum_8180proliant_dl180_gen9_server_firmwarexeon_d-2177ntatom_c3958_firmwarexeon_platinum_8276l_firmware2019.2 IPU – UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11087
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 33.98%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11140
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.70%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 16:13
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_firmwarecompute_card_firmwarecompute_card_cd1iv128mknuc_kit_nuc7i5dnxnuc_kit_nuc7i7dnxnuc_kit_firmwarenuc_kit_nuc7i3dnxIntel(R) NUC Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11089
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.40%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:05
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25951
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.07% / 21.12%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesswi-fi_6e_ax211killerkiller_wi-fi_6e_ax1675wi-fi_6e_ax411proset_wi-fi_6e_ax210Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi softwareproset\/wirelesskiller_wifi_software
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 23.44%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found