Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-32656

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-11 Aug, 2023 | 02:37
Updated At-04 Oct, 2024 | 13:05
Rejected At-
Credits

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:11 Aug, 2023 | 02:37
Updated At:04 Oct, 2024 | 13:05
Rejected At:
▼CVE Numbering Authority (CNA)

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
Default Status
unaffected
Versions
Affected
  • version 0.25.0
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-92Improper buffer restrictions
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-92
Description: Improper buffer restrictions
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html
N/A
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html
x_transferred
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:11 Aug, 2023 | 03:15
Updated At:07 Nov, 2023 | 04:14

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.15.3MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CPE Matches
Intel Corporation
intel
>>realsense_450_fa_firmware>>Versions up to 0.25.0(inclusive)
cpe:2.3:o:intel:realsense_450_fa_firmware:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>realsense_450_fa>>-
cpe:2.3:h:intel:realsense_450_fa:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE-92Secondarysecure@intel.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-92
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.htmlsecure@intel.com
Vendor Advisory
Hyperlink: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html
Source: secure@intel.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

824Records found
CVE-2024-28887
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_performance_primitivesoneapi_base_toolkitIntel(R) IPP softwareipp_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-28046
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-35003
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.58%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-28 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC softwarevroc_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-26027
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-simics_package_managerIntel(R) Simics Package Manager softwaresimics_package_manager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-26025
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.67%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitadvisorIntel(R) Advisor softwareadvisor
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-21861
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 30.55%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-26022
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.03% / 7.29%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-aptio_v_uefi_firmware_integrator_toolsIntel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUCuefi_integrator_tools_on_aptio_v_for_intel_nuc_lnxuefi_integrator_tools_on_aptio_v_for_intel_nuc_win
CWE ID-CWE-284
Improper Access Control
CVE-2024-24977
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 4.62%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-license_manager_for_fleximIntel(R) License Manager for FLEXlm product softwarelicense_manager_for_flexlm_product_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-23907
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-high_level_synthesis_compileroneapi_dpc\+\+\/c\+\+_compilerquartus_primeIntel(R) High Level Synthesis Compiler softwarehigh_level_synthesis_compiler_software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-23909
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-06 Sep, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-field_programmable_gate_array_software_development_kit_for_openclIntel(R) FPGA SDK for OpenCL(TM) software technologyfield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-23908
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.67%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-12 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-flexlm_license_daemons_for_intel_fpgaFlexlm License Daemons for Intel(R) FPGA softwarefpga_add-on
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-23495
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.67%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-31 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitdistribution_for_gdbIntel(R) Distribution for GDB softwaredistribution_for_gdb_software
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-21835
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.12%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-01 Aug, 2024 | 22:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-extreme_tuning_utilityIntel(R) XTU softwareextreme_tuning_utility
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-22184
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-04 Feb, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus(R) Prime Pro Edition Design Softwarequartus_prime_pro
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24525
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:16
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_h27002-404nuc_8_mainstream-g_kit_nuc8i7inhnuc_8_pro_kit_nuc8i3pnknuc_8_pro_board_nuc8i3pnbnuc_8_pro_kit_nuc8i3pnhnuc_kit_h26998-402nuc_board_h27002-400nuc_8_mainstream-g_mini_pc_nuc8i7inhnuc_board_nuc8cchbnuc_8_pro_mini_pc_nuc8i3pnknuc_kit_h26998-405_firmwarenuc_8_mainstream-g_kit_nuc8i7inh_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inhnuc_kit_h26998-500_firmwarenuc_kit_h26998-402_firmwarenuc_8_pro_board_nuc8i3pnb_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_board_h27002-404_firmwarenuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i5inhnuc_board_nuc8cchb_firmwarenuc_kit_h26998-500nuc_kit_h26998-404nuc_board_h27002-500_firmwarenuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_h27002-400_firmwarenuc_board_h27002-402_firmwarenuc_kit_h26998-403_firmwarenuc_kit_h26998-403nuc_board_h27002-402nuc_kit_h26998-401nuc_kit_h26998-405nuc_8_pro_mini_pc_nuc8i3pnk_firmwarenuc_8_mainstream-g_mini_pc_nuc8i5inh_firmwarenuc_board_h27002-401_firmwarenuc_8_pro_kit_nuc8i3pnh_firmwarenuc_board_h27002-401nuc_kit_h26998-401_firmwarenuc_board_h27002-500nuc_9_pro_kit_nuc9v7qnxnuc_9_pro_kit_nuc9vxqnx_firmwarenuc_9_pro_kit_nuc9vxqnxnuc_9_pro_kit_nuc9v7qnx_firmwarenuc_8_mainstream-g_mini_pc_nuc8i7inh_firmwarenuc_8_pro_kit_nuc8i3pnk_firmwarenuc_kit_h26998-404_firmwareIntel(R) NUCs
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-24453
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:46
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-epid_software_development_kitIntel(R) EPID SDK
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21831
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.25% / 47.86%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-processor_diagnostic_toolIntel(R) Processor Diagnostic Tool softwareprocessor_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24450
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:47
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2024-21784
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 6.23%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 13:45
Updated-27 Aug, 2025 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_performance_primitives_cryptographyoneapi_base_toolkitIntel(R) IPP Cryptography softwareipp_cryptography
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21788
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-21772
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.79%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-27 Aug, 2025 | 16:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_base_toolkitadvisorIntel(R) Advisor softwareoneapi_base_toolkitadvisor
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24462
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:49
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24456
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:56
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-board_id_toolIntel(R) Board ID Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-33878
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.58%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_p14e_laptop_element_cmcn1ccaudio_install_packageIntel(R) NUC P14E Laptop Element Audio Install Package softwareintel_nuc_p14e_laptop_element_audio_install_package_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-24481
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.29%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:45
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartusIntel(R) Quartus Prime Pro and Standard edition software
CVE-2020-24473
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.87%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:01
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_r2312wfqzsserver_system_r1304wftysserver_board_s2600bpsserver_board_s2600bpqrserver_system_r2208wf0zsserver_board_s2600wftcompute_module_hns2600bpb24rserver_system_r2312wftzsrserver_system_r1208wftysserver_board_s2600bpbserver_board_s2600stqrserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r2308wftzsrserver_board_s2600bpqcompute_module_hns2600bps24rserver_system_r1304wftysrserver_board_s2600stbserver_board_s2600wfqserver_system_r2208wfqzsrserver_board_s2600bpsrcompute_module_hns2600bpsrserver_system_r2312wf0npserver_system_r2312wf0nprserver_system_r2224wfqzsserver_board_s2600stbrserver_system_r1208wfqysrserver_system_r2312wftzsserver_board_s2600wfqrserver_board_s2600stqserver_system_r2224wftzscompute_module_hns2600bpqrserver_system_r2208wf0zsrcompute_module_hns2600bpbrserver_system_r2308wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_r2208wftzsrserver_system_r1208wftysrserver_system_r2208wftzsserver_board_s2600bpbrcompute_module_hns2600bpq24rserver_system_r2224wftzsrbaseboard_management_controller_firmwareserver_board_s2600wftrserver_board_s2600wf0Intel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33870
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.29%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-administrative_tools_for_intel_network_adaptersethernet_connections_boot_utility\,_preboot_images\,_and_efi_driversIntel(R) Ethernet tools and driver install software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-38056
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-3.8||LOW
EPSS-0.04% / 9.60%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-endpoint_management_assistantIntel(R) EMA software
CVE-2022-36377
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-05 Feb, 2025 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc6caysnuc_kit_nuc5ppyhnuc_kit_nuc5pgyhnuc_8_rugged_kit_nuc8cchkrnuc_kit_wireless_adapter_driver_installernuc_board_nuc8cchbnuc_kit_nuc6cayhIntel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-36370
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.27%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_board_nuc5i3mybe_firmwarenuc_kit_nuc5i3myhenuc_board_nuc5i3mybenuc_kit_nuc5i3myhe_firmwareIntel(R) NUC Boards and Intel(R) NUC Kits
CWE ID-CWE-287
Improper Authentication
CVE-2022-36391
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.84%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-36339
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.09%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-cm11ebi58w_firmwarecm8i3cb4ncm11ebc4wcm11ebi38w_firmwarecm8pcb4r_firmwareelm12hbccm8pcb4relm12hbc_firmwareelm12hbi5_firmwareelm12hbi3_firmwarecm11ebi716welm12hbi5elm12hbi3cm8i3cb4n_firmwarecm11ebi716w_firmwarecm8i7cb8n_firmwarecm8i5cb8n_firmwarecm11ebi38wcm8ccb4r_firmwarecm8ccb4rcm8i7cb8nelm12hbi7_firmwareelm12hbi7cm11ebi58wcm11ebc4w_firmwarecm8i5cb8nIntel(R) NUC 8 Compute Element, Intel(R) NUC 11 Compute Element, Intel(R) NUC 12 Compute Element
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36789
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.79%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:48
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_10_performance_mini_pc_nuc10i7fnkpanuc_10_performance_kit_nuc10i7fnk_firmwarenuc_10_performance_mini_pc_nuc10i7fnhjanuc_10_performance_kit_nuc10i5fnhnnuc_10_performance_kit_nuc10i7fnhc_firmwarenuc_10_performance_kit_nuc10i3fnh_firmwarenuc_10_performance_kit_nuc10i5fnhjnuc_10_performance_kit_nuc10i7fnhnuc_10_performance_kit_nuc10i3fnhn_firmwarenuc_10_performance_mini_pc_nuc10i3fnhja_firmwarenuc_10_performance_kit_nuc10i3fnknnuc_10_performance_kit_nuc10i3fnk_firmwarenuc_10_performance_kit_nuc10i5fnhn_firmwarenuc_10_performance_mini_pc_nuc10i5fnhja_firmwarenuc_10_performance_mini_pc_nuc10i3fnhfanuc_10_performance_kit_nuc10i7fnhcnuc_10_performance_kit_nuc10i5fnkn_firmwarenuc_10_performance_kit_nuc10i3fnhnuc_10_performance_kit_nuc10i3fnhf_firmwarenuc_10_performance_mini_pc_nuc10i5fnhcanuc_10_performance_kit_nuc10i5fnknnuc_10_performance_kit_nuc10i7fnhn_firmwarenuc_10_performance_kit_nuc10i3fnhnnuc_10_performance_kit_nuc10i5fnhj_firmwarenuc_10_performance_kit_nuc10i3fnhfnuc_10_performance_mini_pc_nuc10i7fnhaanuc_10_performance_mini_pc_nuc10i7fnkpa_firmwarenuc_10_performance_kit_nuc10i5fnkpnuc_10_performance_kit_nuc10i7fnhnnuc_10_performance_mini_pc_nuc10i7fnhja_firmwarenuc_10_performance_kit_nuc10i5fnkp_firmwarenuc_10_performance_kit_nuc10i5fnhnuc_10_performance_mini_pc_nuc10i3fnhfa_firmwarenuc_10_performance_kit_nuc10i7fnknnuc_10_performance_kit_nuc10i5fnhfnuc_10_performance_mini_pc_nuc10i7fnhaa_firmwarenuc_10_performance_kit_nuc10i3fnkn_firmwarenuc_10_performance_kit_nuc10i7fnkn_firmwarenuc_10_performance_kit_nuc10i7fnkp_firmwarenuc_10_performance_kit_nuc10i5fnknuc_10_performance_kit_nuc10i5fnh_firmwarenuc_10_performance_kit_nuc10i7fnh_firmwarenuc_10_performance_kit_nuc10i7fnknuc_10_performance_mini_pc_nuc10i3fnhjanuc_10_performance_mini_pc_nuc10i5fnkpanuc_10_performance_kit_nuc10i7fnkpnuc_10_performance_mini_pc_nuc10i5fnhca_firmwarenuc_10_performance_kit_nuc10i5fnk_firmwarenuc_10_performance_mini_pc_nuc10i5fnhjanuc_10_performance_kit_nuc10i5fnhf_firmwarenuc_10_performance_kit_nuc10i3fnknuc_10_performance_mini_pc_nuc10i5fnkpa_firmwareIntel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs
CWE ID-CWE-284
Improper Access Control
CVE-2022-36348
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.10% / 29.15%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_platform_servicesIntel (R) SPS firmware
CVE-2022-36398
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.05%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-31271
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 25.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-28 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-virtual_raid_on_cpuIntel(R) VROC softwarevroc_software
CWE ID-CWE-284
Improper Access Control
CVE-2022-36397
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.06% / 19.16%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Linux
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-34854
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.31%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CVE-2022-34864
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-34848
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-34855
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.51%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path traversal for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_pro_software_suiteIntel(R) NUC Pro Software Suite
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-34843
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-33209
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.10%
||
7 Day CHG+0.04%
Published-18 Aug, 2022 | 20:03
Updated-18 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-lapbc510lapbc710_firmwarelapbc510_firmwarelapbc710Intel(R) NUC Laptop Kits
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34157
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.40%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-fpga_software_development_kitquartus_primeIntel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software
CVE-2022-33902
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.11% / 29.40%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 19:59
Updated-27 Jan, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quartus_primeIntel(R) Quartus Prime Pro and Standard edition software
CVE-2023-32618
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapiIntel(R) oneAPI Toolkit and component software installersoneapi_base_toolkitoneapi_ai_analytics_toolkitoneapi_hpc_toolkitinspectoroneapi_deep_neural_networkoneapi_iot_toolkitadvisor
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-33190
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.06% / 17.03%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34153
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.10% / 28.52%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool software
CWE ID-CWE-665
Improper Initialization
CVE-2022-33946
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-287
Improper Authentication
CVE-2022-34346
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.08% / 24.24%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-media_software_development_kitIntel(R) Media SDK software
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 16
  • 17
  • Next
Details not found