Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-41689

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2023 | 19:04
Updated At-03 Aug, 2024 | 12:49
Rejected At-
Credits

Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2023 | 19:04
Updated At:03 Aug, 2024 | 12:49
Rejected At:
▼CVE Numbering Authority (CNA)

Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel In-Band Manageability software
Default Status
unaffected
Versions
Affected
  • before version 3.0.14
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-284Improper access control
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-284
Description: Improper access control
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2023 | 19:15
Updated At:25 Nov, 2023 | 02:27

Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Intel Corporation
intel
>>in-band_manageability>>Versions before 3.0.14(exclusive)
cpe:2.3:a:intel:in-band_manageability:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-284Secondarysecure@intel.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.htmlsecure@intel.com
Patch
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00968.html
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

715Records found
CVE-2021-0064
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:18
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ac_8265ac_9462ac_3165_firmwareac_9560_firmwareac_8265_firmwareax200ac_3165ac_9461ac_8260ac_9260ac_9461_firmwareac_9462_firmwareac_3168ac_9560ax200_firmware7265_firmwareac_3168_firmwareax201ax210_firmwareax201_firmwareac_9260_firmwareac_8260_firmwareax2107265Intel(R) PROSet/Wireless WiFi software installer for Windows 10
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-42429
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.30%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7cjyhn_firmwarenuc_7_essential_pc_nuc7cjysal_firmwarenuc_kit_nuc7cjyhnuc_kit_nuc7pjyhn_firmwarenuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7cjyhnnuc_kit_nuc7pjyh_firmwarenuc_7_essential_nuc7cjysalnuc_kit_nuc7pjyhnnuc_7_essential_nuc7cjysamnnuc_kit_nuc7pjyhnuc_7_essential_nuc7cjysamn_firmwareIntel NUC BIOS firmware
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CVE-2021-0062
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:47
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Graphics Drivers before version 27.20.100.8935 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-windowsgraphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0094
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.33%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:05
Updated-03 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-0143
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Jun, 2021 | 11:12
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-brand_verification_toolIntel(R) Brand Verification Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-0106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.43%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:13
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6246rxeon_platinum_8276lxeon_platinum_8358xeon_platinum_9222xeon_gold_5315yxeon_gold_5217xeon_gold_6230txeon_platinum_8362xeon_gold_6230nxeon_platinum_8354hxeon_gold_5218nxeon_gold_6338xeon_silver_4309yxeon_platinum_8352yxeon_platinum_8368xeon_gold_5220xeon_gold_6246xeon_silver_4214rxeon_gold_6326xeon_gold_6254xeon_silver_4310txeon_gold_6269yxeon_gold_6240yxeon_gold_6234xeon_platinum_8380xeon_gold_6238rxeon_silver_4316xeon_platinum_8351nxeon_gold_6208uxeon_platinum_8268xeon_gold_5215xeon_platinum_8352vxeon_gold_6336yxeon_gold_6262vxeon_gold_5222xeon_gold_5218xeon_platinum_8284xeon_silver_4209txeon_platinum_8380hxeon_gold_5215lxeon_platinum_8360hlxeon_silver_4215rxeon_gold_6252nxeon_platinum_9221xeon_platinum_8376hxeon_gold_6244xeon_gold_6330xeon_silver_4210txeon_platinum_8321hcxeon_gold_6248xeon_gold_6212uxeon_gold_6314uxeon_platinum_8280xeon_gold_6248rxeon_gold_6354xeon_gold_6258rxeon_gold_6240xeon_gold_6238lxeon_platinum_8352mxeon_gold_6240lxeon_gold_6250xeon_platinum_8353hxeon_platinum_8256xeon_gold_6348hxeon_gold_6262xeon_gold_6330hxeon_gold_5219yxeon_gold_6222vxeon_gold_5318hxeon_platinum_8376hlxeon_gold_6242xeon_gold_5320hxeon_gold_5320xeon_platinum_8360yxeon_platinum_8274xeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6338txeon_gold_6346xeon_gold_5218txeon_silver_4215xeon_gold_5220rxeon_gold_5318sxeon_gold_6338nxeon_silver_4214xeon_platinum_8276xeon_platinum_8360hxeon_gold_6238txeon_silver_4210rxeon_gold_6250lxeon_silver_4214yxeon_gold_6210uxeon_gold_6348xeon_gold_6330nxeon_gold_5218bxeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_platinum_8368qxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_silver_4310xeon_gold_6222xeon_gold_5317xeon_gold_6334ipmctlxeon_platinum_8356hxeon_gold_6209uxeon_gold_6226xeon_gold_6256xeon_gold_6342xeon_gold_6230rxeon_gold_6238xeon_gold_6252xeon_gold_5320txeon_silver_4208xeon_platinum_8260xeon_platinum_8352sxeon_gold_5318yxeon_gold_5218rxeon_bronze_3206rxeon_gold_6226rxeon_gold_6312uxeon_gold_6328hxeon_gold_5220sxeon_platinum_9242xeon_platinum_9282xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204xeon_gold_6328hlxeon_silver_4314xeon_gold_5220txeon_silver_4210Intel(R) Optane(TM) DC Persistent Memory for Windows software versions
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-0109
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:36
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk1a32sccompute_stick_stk1a32sc_firmwareIntel(R) SOC driver package for STK1A32SC
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-42773
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-707
Improper Neutralization
CVE-2022-38787
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.04% / 8.82%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-stratix_10_sx_650_fpgastratix_10_gx_400_fpga_firmwareagilex_7_fpga_f-series_006_firmwareagilex_7_fpga_i-series_022stratix_10_tx_2500_fpga_firmwarestratix_10_gx_10m_fpga_firmwarestratix_10_sx_1650_fpgastratix_10_gx_2800_fpga_firmwarestratix_10_tx_850_fpga_firmwarestratix_10_tx_1650_fpgastratix_10_gx_850_fpgastratix_10_gx_1660_fpgastratix_10_sx_400_fpga_firmwareagilex_7_fpga_i-series_022_firmwarestratix_10_dx_2100_fpgaagilex_7_fpga_i-series_035_firmwarestratix_10_tx_400_fpga_firmwarestratix_10_mx_2100_fpga_firmwareagilex_7_fpga_m-series_039stratix_10_gx_2500_fpga_firmwarestratix_10_gx_10m_fpgaagilex_7_fpga_f-series_012_firmwareagilex_7_fpga_f-series_023stratix_10_gx_2100_fpga_firmwarestratix_10_tx_1100_fpga_firmwarestratix_10_tx_1650_fpga_firmwareagilex_7_fpga_m-series_039_firmwareagilex_7_fpga_f-series_019_firmwarestratix_10_sx_1100_fpgaagilex_7_fpga_f-series_022stratix_10_tx_2800_fpga_firmwarestratix_10_tx_2800_fpgaagilex_7_fpga_i-series_023_firmwarestratix_10_sx_2500_fpga_firmwarestratix_10_gx_650_fpgaagilex_7_fpga_i-series_041agilex_7_fpga_i-series_040stratix_10_tx_1100_fpgaagilex_7_fpga_f-series_008stratix_10_gx_2100_fpgastratix_10_gx_1650_fpgaagilex_7_fpga_f-series_022_firmwarestratix_10_gx_1100_fpga_firmwarestratix_10_sx_400_fpgastratix_10_dx_1100_fpgastratix_10_sx_1100_fpga_firmwarestratix_10_gx_2110_fpga_firmwareagilex_7_fpga_f-series_027stratix_10_sx_650_fpga_firmwareagilex_7_fpga_i-series_027_firmwareagilex_7_fpga_i-series_027stratix_10_sx_850_fpgastratix_10_nx_2100_fpga_firmwareagilex_7_fpga_f-series_012stratix_10_nx_2100_fpgastratix_10_dx_1100_fpga_firmwareagilex_7_fpga_f-series_008_firmwarestratix_10_sx_850_fpga_firmwarestratix_10_sx_1650_fpga_firmwarestratix_10_gx_400_fpgastratix_10_mx_1650_fpgastratix_10_sx_2100_fpgastratix_10_gx_1660_fpga_firmwarestratix_10_tx_2100_fpga_firmwareagilex_7_fpga_i-series_040_firmwarestratix_10_sx_2800_fpgastratix_10_tx_400_fpgaagilex_7_fpga_i-series_035agilex_7_fpga_i-series_041_firmwareagilex_7_fpga_f-series_006agilex_7_fpga_f-series_027_firmwarestratix_10_tx_2100_fpgastratix_10_gx_650_fpga_firmwareagilex_7_fpga_f-series_014agilex_7_fpga_f-series_014_firmwarestratix_10_tx_2500_fpgaagilex_7_fpga_f-series_023_firmwarestratix_10_gx_1650_fpga_firmwarestratix_10_sx_2100_fpga_firmwarestratix_10_dx_2800_fpga_firmwarestratix_10_dx_2800_fpgastratix_10_tx_850_fpgastratix_10_sx_2500_fpgastratix_10_dx_2100_fpga_firmwareagilex_7_fpga_i-series_019_firmwarestratix_10_gx_850_fpga_firmwareagilex_7_fpga_i-series_019stratix_10_sx_2800_fpga_firmwarestratix_10_gx_1100_fpgaagilex_7_fpga_f-series_019stratix_10_gx_2110_fpgastratix_10_mx_1650_fpga_firmwarestratix_10_gx_2500_fpgaagilex_7_fpga_i-series_023stratix_10_gx_2800_fpgastratix_10_mx_2100_fpgaIntel(R) FPGA products
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8702
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.10% / 27.82%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:47
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-processor_diagnostic_toolIntel(R) Processor Diagnostic Tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41961
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8750
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.58%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engineIntel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2020-8763
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-realsense_d435_firmwarerealsense_d415_firmwarerealsense_d435i_firmwarewindows_10Intel(R) RealSense(TM) D400 Series Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8760
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.30%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:08
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-42766
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.60%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_compute_element_cm8v5cb_firmwarenuc_8_compute_element_cm8v7cb_firmwarenuc_8_compute_element_cm8v7cbnuc_8_compute_element_cm8v5cbIntel NUC 8 Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.13%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rste_software_raidIntel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB Advisory
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41091
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) MPI Library Software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2015-2291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.54% / 84.86%
||
7 Day CHG+0.28%
Published-09 Aug, 2017 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ethernet_diagnostics_driver_iqvw32.sysethernet_diagnostics_driver_iqvw64.syswindowsn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-40156
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 36.45%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) SSU software before version 3.0.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_support_utilityIntel(R) SSU softwaresystem_support_utility
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39230
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.93%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel Rapid Storage Technology software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-14570
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.83%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:58
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_dn2820fykhnuc_board_de3815tybe_firmwarenuc_8_mainstream_game_kitnuc_kit_de3815tykhe_firmwarenuc_8_mainstream_game_mini_computer_firmwarenuc_8_mainstream_game_kit_firmwarenuc_kit_de3815tykhenuc_kit_dn2820fykh_firmwarenuc_board_de3815tybenuc_8_mainstream_game_mini_computerNUC Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14605
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:09
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-setup_and_configuration_software_platform_discovery_utilityIntel(R) SCS Platform Discovery Utility
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-38587
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.23%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc8i7bek_firmwarenuc_8_home_nuc8i3behfa_firmwarenuc_kit_nuc8i5behnuc_kit_nuc8i7beknuc_kit_nuc8i5behs_firmwarenuc_kit_nuc8i3beh_firmwarenuc_kit_nuc8i7behnuc_8_enthusiast_nuc8i7bekqa_firmwarenuc_8_enthusiast_nuc8i7bekqanuc_8_home_nuc8i5behfanuc_8_home_nuc8i5bekpa_firmwarenuc_kit_nuc8i7beh_firmwarenuc_kit_nuc8i3behsnuc_kit_nuc8i3beknuc_kit_nuc8i5beh_firmwarenuc_8_enthusiast_nuc8i7behganuc_kit_nuc8i5beknuc_kit_nuc8i5behsnuc_kit_nuc8i3behnuc_kit_nuc8i3bek_firmwarenuc_kit_nuc8i5bek_firmwarenuc_8_home_nuc8i5bekpanuc_8_home_nuc8i3behfanuc_8_enthusiast_nuc8i7behga_firmwarenuc_8_home_nuc8i5behfa_firmwarenuc_kit_nuc8i3behs_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38570
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CVE-2019-14601
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:35
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-raid_web_console_3Intel(R) RWC 3 for Windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-38566
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) ISPC software before version 1.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-implicit_spmd_program_compilerIntel(R) ISPC softwareispc
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-14610
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:11
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CVE-2019-11111
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.24%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:04
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-11181
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.41%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11103
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.31%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11097
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engine_firmwareIntel(R) Management Engine
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-36493
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-software_development_kit_for_openclIntel(R) SDK for OpenCL(TM) Applications softwarefield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11112
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:41
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupdata_availability_servicessteelstore_cloud_integrated_storage2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11117
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.25%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-omni-path_fabric_manager_guiIntel(R) Omni-Path Fabric Manager GUI
CVE-2019-11156
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:54
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-n_7265_\(rev_d\)dual_band_wireless-ac_8265proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software Security
CVE-2023-34427
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.18%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-04 Oct, 2024 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2023-35192
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 32.23%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11120
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:56
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient path checking in the installer for Intel(R) Active System Console before version 8.0 Build 24 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-62x_chipsetactive_system_consoleActive System Console Advisory
CVE-2023-35060
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool softwarebattery_life_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11145
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 16:12
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant Advisory
CWE ID-CWE-275
Not Available
CVE-2019-11151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.40%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:55
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9560wireless-n_7265wi-fi_6_ax201_firmwarewireless-ac_9461_firmwaredual_band_wireless-ac_8260_firmwaredual_band_wireless-ac_8265_firmwarewireless-ac_9260_firmwaredual_band_wireless-ac_7265wireless-ac_9462_firmwarewireless-ac_9560_firmwaredual_band_wireless-ac_7265_firmwarewi-fi_6_ax200wireless-ac_9462dual_band_wireless-n_7265wireless-ac_9461dual_band_wireless-ac_3168_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168dual_band_wireless-ac_3165_firmwaredual_band_wireless-n_7265_firmwaredual_band_wireless-ac_8265wireless-n_7265_firmwareIntel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34314
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-simics_simulatorIntel(R) Simics Simulator software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-34355
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.80%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-17 Oct, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_bmc_video_driverserver_board_m10jnp2sbIntel(R) Server Board M10JNP2SB integrated BMC video driversintel_server_board_m10jnp2sb_integrated_bmc_video_drive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11147
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.30%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:07
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaresa-00086_detection_tooltrusted_execution_engine_firmwareintel-sa-00125_detection_toolIntel(R) CSME
CVE-2019-11153
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.40%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:55
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560proset\/wireless_wifiwi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-ac_8265dual_band_wireless-n_7265_\(rev_d\)Intel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33867
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 10.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-03 Oct, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-33878
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.59%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_p14e_laptop_element_cmcn1ccaudio_install_packageIntel(R) NUC P14E Laptop Element Audio Install Package softwareintel_nuc_p14e_laptop_element_audio_install_package_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-32658
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.16% / 36.93%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_7_business_nuc7i3dnktcnuc_7_business_nuc7i3dnhncnuc_7_business_nuc7i5dnkpunuc_kit_nuc7i5dnhenuc_kit_nuc7i3dnhenuc_kit_nuc7i5dnkenuc_kit_nuc7i7dnhehdmi_firmwarenuc_7_business_nuc7i5dnkpcnuc_kit_nuc7i3dnkenuc_kit_nuc7i7dnkeIntel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool softwareintel_nuc_kits_nuc7i3dn_nuc7i5dn_nuc7i7dn_hdmi_firmware_update_tool_software
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-32278
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.41%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC Software Studio may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_m15_laptop_kit_laprc510nuc_m15_laptop_kit_evo_laprc710nuc_m15_laptop_kit_evo_laprc510nuc_m15_laptop_kit_laprc710nuc_uniwill_service_driverIntel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation softwarenuc_uniwill_service_driver_for_intel_nuc_m15_laptop_kits_laprc510_and_laprc710_uniwill_service_driver_installation_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-32655
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.59%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_business_nuc8i7hnkqcnuc_8_enthusiast_nuc8i7hvkvanuc_kit_nuc8i7hvknuc_8_enthusiast_nuc8i7hvkvawnuc_kit_nuc8i7hnkusb_type_c_power_delivery_controllerIntel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio softwarenuc_kits_and_mini_pcs_nuc8i7hvk_nuc8hnk_usb_type_c_powe_delivery_controller_installation_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 14
  • 15
  • Next
Details not found