Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-25775

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Aug, 2023 | 02:36
Updated At-13 Feb, 2025 | 16:44
Rejected At-
Credits

Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Aug, 2023 | 02:36
Updated At:13 Feb, 2025 | 16:44
Rejected At:
▼CVE Numbering Authority (CNA)

Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Affected Products
Vendor
n/a
Product
Intel(R) Ethernet Controller RDMA driver for linux
Default Status
unaffected
Versions
Affected
  • before version 1.9.30
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-284Improper access control
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-284
Description: Improper access control
Metrics
VersionBase scoreBase severityVector
3.15.6MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
N/A
https://security.netapp.com/advisory/ntap-20230915-0013/
N/A
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
N/A
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20230915-0013/
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
x_transferred
https://security.netapp.com/advisory/ntap-20230915-0013/
x_transferred
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
x_transferred
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20230915-0013/
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Aug, 2023 | 03:15
Updated At:11 Jan, 2024 | 21:15

Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.6MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches
Intel Corporation
intel
>>ethernet_controller_rdma_driver_for_linux>>Versions before 1.9.30(exclusive)
cpe:2.3:a:intel:ethernet_controller_rdma_driver_for_linux:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-284Secondarysecure@intel.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-284
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.htmlsecure@intel.com
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.htmlsecure@intel.com
N/A
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.htmlsecure@intel.com
N/A
https://security.netapp.com/advisory/ntap-20230915-0013/secure@intel.com
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html
Source: secure@intel.com
Resource:
Vendor Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
Source: secure@intel.com
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
Source: secure@intel.com
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20230915-0013/
Source: secure@intel.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

443Records found
CVE-2021-33833
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 36.79%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 17:44
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-debian_linuxconnection_managern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-4324
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 26.15%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 18:25
Updated-08 Oct, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers

Action-Not Available
Vendor-Intel CorporationBroadcom Inc.
Product-raid_controller_web_interfaceLSI Storage Authority (LSA)RAID Web Console 3 (RWC3)raid_web_console_3lsi_storage_authority
CVE-2023-4329
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 26.15%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 18:25
Updated-08 Oct, 2024 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute

Action-Not Available
Vendor-Intel CorporationBroadcom Inc.
Product-raid_controller_web_interfaceLSI Storage Authority (LSA)RAID Web Console 3 (RWC3)raid_web_console_3lsi_storage_authority
CVE-2023-4325
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 26.15%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 18:25
Updated-08 Oct, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities

Action-Not Available
Vendor-Intel CorporationBroadcom Inc.
Product-raid_controller_web_interfaceLSI Storage Authority (LSA)RAID Web Console 3 (RWC3)raid_web_console_3lsi_storage_authority
CVE-2022-33964
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.4||HIGH
EPSS-0.14% / 34.52%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8752
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 71.80%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:05
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwarestandard_manageabilityIntel(R) AMT, Intel(R) ISM versions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-5689
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.30% / 99.94%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-28||Apply updates per vendor instructions.

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

Action-Not Available
Vendor-Siemens AGHewlett Packard Enterprise (HPE)Intel Corporation
Product-simatic_ipc627dsimatic_pcs_7_ipc647csimatic_ipc827d_firmwaresimatic_pcs_7_ipc677c_firmwaresimotion_p320-4_sproliant_ml10_gen9_server_firmwaresimatic_ipc827csimatic_ipc547gsimatic_ipc477d_firmwaresimatic_field_pg_m4_firmwaresimatic_pcs_7_ipc647c_firmwaresimatic_pcs_7_ipc847csimatic_pcs_7_ipc677csimatic_itp1000_firmwaresimatic_ipc847c_firmwaresimatic_ipc647c_firmwaresimatic_ipc427dsimatic_pcs_7_ipc477d_firmwaresimatic_pcs_7_ipc547g_firmwaresinumerik_pcu_50.5-psimatic_pcs_7_ipc847dsimatic_ipc647d_firmwaresimatic_pcs_7_ipc627c_firmwaresimatic_ipc477dsimatic_ipc547g_firmwaresinumerik_pcu50.5-p_firmwaresimatic_ipc477e_firmwaresimatic_pcs_7_ipc427e_firmwaresimatic_pcs_7_ipc627csimatic_ipc647dproliant_ml10_gen9_serversimatic_pcs_7_ipc547d_firmwaresimatic_ipc477esimotion_p320-4_s_firmwaresimatic_ipc547esimatic_field_pg_m3_firmwaresimatic_pcs_7_ipc547e_firmwaresimatic_ipc427esimatic_pcs_7_ipc427esimatic_ipc677csimatic_pcs_7_ipc647dsimatic_pcs_7_ipc847c_firmwareactive_management_technology_firmwaresimatic_pcs_7_ipc647d_firmwaresimatic_ipc427e_firmwaresimatic_ipc547e_firmwaresimatic_ipc827dsimatic_ipc547d_firmwaresimatic_ipc847csimatic_field_pg_m5simatic_ipc647csimatic_ipc547dsimatic_ipc627d_firmwaresimatic_pcs_7_ipc547gsimatic_field_pg_m3simatic_ipc677c_firmwaresimatic_ipc847dsimatic_ipc627csimatic_field_pg_m4simatic_pcs_7_ipc547esimatic_ipc677dsimatic_pcs_7_ipc477dsimatic_ipc627c_firmwaresimatic_pcs_7_ipc547dsimatic_pcs_7_ipc847d_firmwaresimatic_itp1000simatic_field_pg_m5_firmwaresimatic_ipc427d_firmwaresimatic_ipc847d_firmwaresimatic_ipc677d_firmwaresimatic_ipc827c_firmwareIntel Active Mangement Technology, Intel Small Business Technology, Intel Standard ManageabilityActive Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-31273
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-10||CRITICAL
EPSS-0.36% / 57.74%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel DCM software
CWE ID-CWE-693
Protection Mechanism Failure
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-30601
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 80.03%
||
7 Day CHG+0.80%
Published-18 Aug, 2022 | 00:00
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwarestandard_manageabilityIntel(R) AMT and Intel(R) Standard Manageability
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-29486
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hyperscanHyperscan library maintained by Intel(R)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-29514
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.7||HIGH
EPSS-0.57% / 67.61%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CVE-2020-5955
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 71.66%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 00:19
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges.

Action-Not Available
Vendor-n/aIntel CorporationInsyde Software Corp. (ISC)
Product-comet_laketiger_lakegreenlowcomet_lake_rvpmehlowskylake_mrdmehlow-rskylakeinsydeh2o_uefi_bioswhiskey_lakegreenlow-rwhiskey_lake_rvppurley-ep_refresh_neon_cityelkhart_lakecoffee_lakeice_lakecannon_lakekaby_lakegrantley-epwhitley-spkaby_lake_mrdn/a
CVE-2022-26845
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.06%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-287
Improper Authentication
CVE-2022-25899
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.31% / 78.93%
||
7 Day CHG+0.48%
Published-18 Aug, 2022 | 19:58
Updated-25 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_active_management_technology_cloud_toolkitIntel(R)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-26843
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.3||HIGH
EPSS-0.54% / 66.54%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_dpc\+\+\/c\+\+_compileroneapi_toolkitsIntel(R) oneAPI DPC++/C++ Compiler
CVE-2022-25987
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.3||HIGH
EPSS-0.60% / 68.32%
||
7 Day CHG+0.11%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_toolkitsc\+\+_compiler_classicIntel(R) C++ Compiler Classic
CVE-2023-39281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.23% / 45.89%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 00:00
Updated-06 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

Action-Not Available
Vendor-n/aIntel CorporationInsyde Software Corp. (ISC)Advanced Micro Devices, Inc.
Product-celeron_7305lryzen_7_7645hxcore_i7-1280pcore_i7-12650hxcore_i5-12600tcore_i7-12700hcore_i5-13600kryzen_7_pro_7730ucore_i7_14700kcore_i3-1210uvan_gogh_0405core_i7-13700kfryzen_5_5600hsryzen_3_5300gecore_i3-13300hrecore_i7-1260uryzen_7_5825uryzen_9_7940hxv3c44core_i5-12450hryzen_9_7950xryzen_5_7540ucore_i7-1370pcore_i5-12500tcore_i7-1260pcore_i9-13900ecore_i5-1345urecore_i5-1335ucore_i5-12500hcore_i3-1220pryzen_7_7700xcore_i7-13800hcore_i5-1345ucore_i5-13500hryzen_7_5700gcore_i7-1270pn50core_i5_14600kryzen_9_6900hxryzen_z1_extremeryzen_7_7840hxcore_i5-12600hcore_i7-12700hlcore_i3-13300hecore_i7-12800hxryzen_5_7640hcore_i7-13700hm770core_i7-12700kryzen_5_5500core_i9-12900fryzen_3_5400ub760core_i7-1255ulceleron_g6900core_i5-12400core_i3-12100tryzen_7_7735ucore_i3-12300hln97ryzen_9_pro_7945core_i9-13900hkcore_i9-12900hkryzen_7_7745hxryzen_7_5700core_i5-1240pcore_i5-12500core_i7-13650hxcore_i7-13850hxryzen_5_7535ucore_i9-14900kcore_i5-1345uecore_i7_14700kfcore_i3-13100teryzen_9_7845hxryzen_7_6800hscore_i5-1245ulcore_i5-13600hxryzen_7_7736ucore_i9-13900kfcore_i5-13500tecore_i5-13400eryzen_5_5600ucore_i7-12700core_i5-13600core_i5_14600kfryzen_9_7645hx3dryzen_5_5600gecore_i9-13950hxpentium_gold_g7400tathlon_gold_7220ucore_i5-13400tcore_i3-12100fcore_i9-13900tceleron_7305core_i5-12400tcore_i3-1320peryzen_5_7535hscore_i7-13700hcore_i9-12950hxcore_i9-12900ksinsydeh2ocore_i5-1340peryzen_3_5425ucore_i7-1370precore_i7-13700tcore_i9-13980hxcore_i5-13420hcore_i7-1360pcore_i9-12900tryzen_3_7440uryzen3_5300ucore_i3-n300ryzen_7_5800ucore_i7-12650hcore_i3-1215ucore_i9-13900ksryzen_5_pro_7645core_i7-1355ucore_i3-12100v314core_i5-12500hlryzen_7_5800hcore_i7-12700fatom_x7211ecore_i5-13600hecore_i9-12900core_i7-1375precore_i5-13500tc262ryzen_7_5700ucore_i7-13700ecore_i5-12600hlcore_i5-1340pryzen_7_6800hcore_i5-13505hpentium_gold_g7400core_i9-13900core_i3-1315ucore_i9-13900hryzen_7_7840uryzen_3_pro_7330uryzen_7_5800hscore_i7-1250uryzen_5_5500hcore_i7-12800hlcore_i7-13800hrecore_i9-12900kryzen_z1core_i3-13100fcore_i5-1350peryzen_5_6600hcore_i9-13900fryzen_9_6980hxpentium_8500core_i3-13100tz790core_i5-1350preryzen_9_7940hryzen_5_5560ucore_i7-13620hcore_i3-1215ulcore_i7-1265ulcore_i7-1366urecore_i3-13100eryzen_9_7900xn200core_i7-1265uryzen_5_6600hsceleron_g6900tcore_i7-13700ten100ryzen_7_7840hryzen_9_5900hscore_i5-13400ryzen_5_7640ucore_i9-13900teryzen_9_5980hscore_i7-1365urecore_i5-13600kfryzen_5_7600ryzen_9_6900hspentium_8505core_i7-13700kcore_i7-1255ucore_i5-12600core_i3-1315uen95core_i7-1370peryzen_3_5300gh770ryzen_3_7320uryzen_5_pro_7530uryzen_7_pro_7745ryzen_5_7520uryzen_5_5500ucore_i3-13100core_i5-12400fcore_i5-12490fcore_i5-13500eryzen_7_7800x3dcore_i5-13600tryzen_5_pro_7640hscore_i7-13705hv3c16core_i5-1245uryzen_5_5600hcore_i7-12700tryzen_7_6800uryzen_9_7945hxcore_i3-12300ryzen_5_5600gcore_i5-1235ulryzen_7_7735hsryzen_9_7900x3dcore_i7-13700hxcore_i5-12600kcore_i3-1320precore_i5-1335uev3c48ryzen_5_7600xathlon_silver_7120uryzen_5_6600uryzen_5_5625ucore_i9-13900kcore_i3-12300tryzen_7_5700gecore_i7-1365uecore_i7-12700kfryzen_3_5125ccore_i9-12900kfcore_i9-13900hxcore_i3-1305ucore_i3-1315ureatom_x7213ecore_i9-12900hcore_i5-13500core_i9-14900kfryzen_3_7335uryzen_7_pro_7840hscore_i5-12450hxryzen_5_7545ucore_i5-1235ucore_i5-13400fu300eatom_x7425ecore_i5-13500hxcore_i5-1240uryzen_5_7500fceleron_7300ryzen_9_pro_7940hscore_i7-1365ucore_i7-12800hwm790core_i5-12600kfu300core_i7-13800hev3c18ryzen_9_5900hxcore_i9-13905hc266core_i7-12850hxcore_i5-1350pryzen_9_7950x3dcore_i7-13700fryzen_7_7700core_i5-12600hxcore_i5-13600hryzen_3_5100core_i3-n305ryzen_9_7900core_i5-13600hrecore_i9-12900hxcore_i5-1250pcore_i5-1230ucore_i5-13450hxcore_i5-1334uryzen_9_6980hsryzen_9_7940hsn/ainsydeh20
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-12338
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.81% / 82.06%
||
7 Day CHG~0.00%
Published-13 Nov, 2020 | 20:00
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-open_webrtc_toolkitOpen WebRTC Toolkit
CVE-2020-11483
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.35%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 03:35
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.

Action-Not Available
Vendor-NVIDIA CorporationIntel Corporation
Product-bmc_firmwaredgx-1dgx-2NVIDIA DGX Servers
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-22730
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.14%
||
7 Day CHG-0.05%
Published-18 Aug, 2022 | 19:44
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-edge_insights_for_industrialIntel(R) Edge Insights for Industrial software
CWE ID-CWE-287
Improper Authentication
CVE-2020-11486
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.13% / 83.45%
||
7 Day CHG~0.00%
Published-29 Oct, 2020 | 03:35
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.

Action-Not Available
Vendor-NVIDIA CorporationIntel Corporation
Product-bmc_firmwaredgx-1NVIDIA DGX Servers
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-12315
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.28%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:14
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-endpoint_management_assistantIntel(R) EMA
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-0595
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.78% / 85.48%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 13:56
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-service_manageractive_management_technology_firmwareIntel(R) AMT and Intel(R) ISM
CWE ID-CWE-416
Use After Free
CVE-2019-11131
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.59% / 68.11%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CVE-2019-11171
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 66.94%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11119
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.50% / 65.06%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-raid_web_console_3Intel(R) RAID Web Console 3 for Windows*
CVE-2019-11107
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 62.96%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8758
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.59% / 80.90%
||
7 Day CHG+0.28%
Published-10 Sep, 2020 | 14:22
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-active_management_technology_firmwarestandard_manageabilitysteelstore_cloud_integrated_storageIntel(R) AMT and Intel(R) ISM
CVE-2022-32292
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.71% / 81.60%
||
7 Day CHG+0.23%
Published-03 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-connmandebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-12865
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.76% / 87.57%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.

Action-Not Available
Vendor-n/aDebian GNU/LinuxIntel Corporation
Product-debian_linuxconnmann/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-0594
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.78% / 85.48%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 13:55
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-service_manageractive_management_technology_firmwareIntel(R) AMT and Intel(R) ISM
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-28050
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 4.27%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-arc_a_graphicsiris_xe_graphicsIntel(R) Arc(TM) & Iris(R) Xe Graphics software
CWE ID-CWE-284
Improper Access Control
CVE-2024-26022
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.03% / 7.23%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-aptio_v_uefi_firmware_integrator_toolsIntel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUCuefi_integrator_tools_on_aptio_v_for_intel_nuc_lnxuefi_integrator_tools_on_aptio_v_for_intel_nuc_win
CWE ID-CWE-284
Improper Access Control
CVE-2024-24986
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-9.3||CRITICAL
EPSS-0.03% / 7.23%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_800_series_controllers_driverIntel(R) Ethernet Network Controllers and Adaptersethernet_complete_driver_pack
CWE ID-CWE-284
Improper Access Control
CVE-2024-25576
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.03% / 8.03%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-agilex_7_fpga_firmwareIntel(R) FPGA productsagilex_7_fpga_f-series_019_firmware
CWE ID-CWE-284
Improper Access Control
CVE-2023-26596
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-2.5||LOW
EPSS-0.04% / 11.12%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-10 Oct, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-thunderbolt_dch_driverIntel(R) Thunderbolt(TM) DCH drivers for Windows
CWE ID-CWE-284
Improper Access Control
CVE-2023-45217
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.44%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-1220
Insufficient Granularity of Access Control
CWE ID-CWE-284
Improper Access Control
CVE-2023-43748
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.64%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) GPA Framework software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework software installersgraphics_performance_analyzer
CWE ID-CWE-284
Improper Access Control
CVE-2023-43626
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.02% / 4.65%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 16:38
Updated-16 Sep, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-UEFI firmware for some Intel(R) Processorsatom_c5325_firmware
CWE ID-CWE-284
Improper Access Control
CVE-2023-39433
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) CST softwarecontext_sensing_technology
CWE ID-CWE-284
Improper Access Control
CVE-2023-39228
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-284
Improper Access Control
CVE-2023-40070
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.44%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) Power Gadget software for macOSpower_gadget_software
CWE ID-CWE-1220
Insufficient Granularity of Access Control
CWE ID-CWE-284
Improper Access Control
CVE-2023-40071
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.47%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software installers
CWE ID-CWE-284
Improper Access Control
CVE-2023-40161
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.06% / 19.59%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-23 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel Unite(R) Client software before version 4.2.35041 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel Unite(R) Client software
CWE ID-CWE-284
Improper Access Control
CVE-2023-35121
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.22%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-02 Aug, 2024 | 16:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) oneAPI DPC++/C++ Compiler softwareoneapi_base_toolkitoneapi_ai_analytics_toolkitoneapi_hpc_toolkitinspectoroneapi_deep_neural_networkoneapi_iot_toolkitadvisor
CWE ID-CWE-284
Improper Access Control
CVE-2022-45112
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.04%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-10 Oct, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC software
CWE ID-CWE-284
Improper Access Control
CVE-2022-41659
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-1.9||LOW
EPSS-0.04% / 9.65%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-03 Aug, 2024 | 12:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-unisonIntel Unison software
CWE ID-CWE-284
Improper Access Control
CVE-2022-41784
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.09% / 27.11%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access

Action-Not Available
Vendor-n/aIntel Corporation
Product-one_boot_flash_updateIntel(R) OFU software
CWE ID-CWE-284
Improper Access Control
CVE-2022-41621
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-3.3||LOW
EPSS-0.07% / 20.59%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Windows
CWE ID-CWE-284
Improper Access Control
CVE-2022-40964
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.9||HIGH
EPSS-0.03% / 5.94%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-wireless-ac_9560killer_wireless-ac_1550i\/skillerwi-fi_6e_ax211wi-fi_6e_ax210wireless-ac_9462killer_wi-fi_6e_ax1675x\/wuefi_firmwarewireless-ac_9461killer_wi-fi_6e_ax1675i\/sdebian_linuxkiller_wi-fi_6_ax1650i\/sfedorawi-fi_6_ax201killer_wi-fi_6e_ax1690i\/swi-fi_6e_ax411proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found