Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-32661

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-14 Nov, 2023 | 19:04
Updated At-30 Aug, 2024 | 17:09
Rejected At-
Credits

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:14 Nov, 2023 | 19:04
Updated At:30 Aug, 2024 | 17:09
Rejected At:
▼CVE Numbering Authority (CNA)

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software
Default Status
unaffected
Versions
Affected
  • before version 10.0.19041.29098
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-287Improper authentication
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-287
Description: Improper authentication
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html
x_transferred
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Intel Corporationintel_nuc_kits_nuc7pjyh_and_nuc7cjyh_realtek_sd_card_reader_driver_installation_software
Product
intel_nuc_kits_nuc7pjyh_and_nuc7cjyh_realtek_sd_card_reader_driver_installation_software
CPEs
  • cpe:2.3:a:intel_nuc_kits_nuc7pjyh_and_nuc7cjyh_realtek_sd_card_reader_driver_installation_software:intel_nuc_kits_nuc7pjyh_and_nuc7cjyh_realtek_sd_card_reader_driver_installation_software:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 10.0.19041.29098 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:14 Nov, 2023 | 19:15
Updated At:20 Nov, 2023 | 20:57

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Intel Corporation
intel
>>realtek_sd_card_reader_driver>>Versions before 10.0.19041.29098(exclusive)
cpe:2.3:a:intel:realtek_sd_card_reader_driver:*:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc_kit_nuc7cjyh>>-
cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*
Intel Corporation
intel
>>nuc_kit_nuc7pjyh>>-
cpe:2.3:h:intel:nuc_kit_nuc7pjyh:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE-287Secondarysecure@intel.com
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-287
Type: Secondary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.htmlsecure@intel.com
Patch
Vendor Advisory
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html
Source: secure@intel.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

610Records found
CVE-2021-0143
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Jun, 2021 | 11:12
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-brand_verification_toolIntel(R) Brand Verification Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-0106
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.43%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 19:13
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_gold_6246rxeon_platinum_8276lxeon_platinum_8358xeon_platinum_9222xeon_gold_5315yxeon_gold_5217xeon_gold_6230txeon_platinum_8362xeon_gold_6230nxeon_platinum_8354hxeon_gold_5218nxeon_gold_6338xeon_silver_4309yxeon_platinum_8352yxeon_platinum_8368xeon_gold_5220xeon_gold_6246xeon_silver_4214rxeon_gold_6326xeon_gold_6254xeon_silver_4310txeon_gold_6269yxeon_gold_6240yxeon_gold_6234xeon_platinum_8380xeon_gold_6238rxeon_silver_4316xeon_platinum_8351nxeon_gold_6208uxeon_platinum_8268xeon_gold_5215xeon_platinum_8352vxeon_gold_6336yxeon_gold_6262vxeon_gold_5222xeon_gold_5218xeon_platinum_8284xeon_silver_4209txeon_platinum_8380hxeon_gold_5215lxeon_platinum_8360hlxeon_silver_4215rxeon_gold_6252nxeon_platinum_9221xeon_platinum_8376hxeon_gold_6244xeon_gold_6330xeon_silver_4210txeon_platinum_8321hcxeon_gold_6248xeon_gold_6212uxeon_gold_6314uxeon_platinum_8280xeon_gold_6248rxeon_gold_6354xeon_gold_6258rxeon_gold_6240xeon_gold_6238lxeon_platinum_8352mxeon_gold_6240lxeon_gold_6250xeon_platinum_8353hxeon_platinum_8256xeon_gold_6348hxeon_gold_6262xeon_gold_6330hxeon_gold_5219yxeon_gold_6222vxeon_gold_5318hxeon_platinum_8376hlxeon_gold_6242xeon_gold_5320hxeon_gold_5320xeon_platinum_8360yxeon_platinum_8274xeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6338txeon_gold_6346xeon_gold_5218txeon_silver_4215xeon_gold_5220rxeon_gold_5318sxeon_gold_6338nxeon_silver_4214xeon_platinum_8276xeon_platinum_8360hxeon_gold_6238txeon_silver_4210rxeon_gold_6250lxeon_silver_4214yxeon_gold_6210uxeon_gold_6348xeon_gold_6330nxeon_gold_5218bxeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_platinum_8368qxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_gold_6240rxeon_silver_4310xeon_gold_6222xeon_gold_5317xeon_gold_6334ipmctlxeon_platinum_8356hxeon_gold_6209uxeon_gold_6226xeon_gold_6256xeon_gold_6342xeon_gold_6230rxeon_gold_6238xeon_gold_6252xeon_gold_5320txeon_silver_4208xeon_platinum_8260xeon_platinum_8352sxeon_gold_5318yxeon_gold_5218rxeon_bronze_3206rxeon_gold_6226rxeon_gold_6312uxeon_gold_6328hxeon_gold_5220sxeon_platinum_9242xeon_platinum_9282xeon_platinum_8260lxeon_platinum_8280lxeon_bronze_3204xeon_gold_6328hlxeon_silver_4314xeon_gold_5220txeon_silver_4210Intel(R) Optane(TM) DC Persistent Memory for Windows software versions
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-0109
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:36
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk1a32sccompute_stick_stk1a32sc_firmwareIntel(R) SOC driver package for STK1A32SC
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-42773
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-28 Aug, 2025 | 01:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationMicrosoft Corporation
Product-windowspower_gadgetIntel(R) Power Gadget software for Windowspower_gadget_software
CWE ID-CWE-707
Improper Neutralization
CVE-2022-38787
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.04% / 8.82%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-stratix_10_sx_650_fpgastratix_10_gx_400_fpga_firmwareagilex_7_fpga_f-series_006_firmwareagilex_7_fpga_i-series_022stratix_10_tx_2500_fpga_firmwarestratix_10_gx_10m_fpga_firmwarestratix_10_sx_1650_fpgastratix_10_gx_2800_fpga_firmwarestratix_10_tx_850_fpga_firmwarestratix_10_tx_1650_fpgastratix_10_gx_850_fpgastratix_10_gx_1660_fpgastratix_10_sx_400_fpga_firmwareagilex_7_fpga_i-series_022_firmwarestratix_10_dx_2100_fpgaagilex_7_fpga_i-series_035_firmwarestratix_10_tx_400_fpga_firmwarestratix_10_mx_2100_fpga_firmwareagilex_7_fpga_m-series_039stratix_10_gx_2500_fpga_firmwarestratix_10_gx_10m_fpgaagilex_7_fpga_f-series_012_firmwareagilex_7_fpga_f-series_023stratix_10_gx_2100_fpga_firmwarestratix_10_tx_1100_fpga_firmwarestratix_10_tx_1650_fpga_firmwareagilex_7_fpga_m-series_039_firmwareagilex_7_fpga_f-series_019_firmwarestratix_10_sx_1100_fpgaagilex_7_fpga_f-series_022stratix_10_tx_2800_fpga_firmwarestratix_10_tx_2800_fpgaagilex_7_fpga_i-series_023_firmwarestratix_10_sx_2500_fpga_firmwarestratix_10_gx_650_fpgaagilex_7_fpga_i-series_041agilex_7_fpga_i-series_040stratix_10_tx_1100_fpgaagilex_7_fpga_f-series_008stratix_10_gx_2100_fpgastratix_10_gx_1650_fpgaagilex_7_fpga_f-series_022_firmwarestratix_10_gx_1100_fpga_firmwarestratix_10_sx_400_fpgastratix_10_dx_1100_fpgastratix_10_sx_1100_fpga_firmwarestratix_10_gx_2110_fpga_firmwareagilex_7_fpga_f-series_027stratix_10_sx_650_fpga_firmwareagilex_7_fpga_i-series_027_firmwareagilex_7_fpga_i-series_027stratix_10_sx_850_fpgastratix_10_nx_2100_fpga_firmwareagilex_7_fpga_f-series_012stratix_10_nx_2100_fpgastratix_10_dx_1100_fpga_firmwareagilex_7_fpga_f-series_008_firmwarestratix_10_sx_850_fpga_firmwarestratix_10_sx_1650_fpga_firmwarestratix_10_gx_400_fpgastratix_10_mx_1650_fpgastratix_10_sx_2100_fpgastratix_10_gx_1660_fpga_firmwarestratix_10_tx_2100_fpga_firmwareagilex_7_fpga_i-series_040_firmwarestratix_10_sx_2800_fpgastratix_10_tx_400_fpgaagilex_7_fpga_i-series_035agilex_7_fpga_i-series_041_firmwareagilex_7_fpga_f-series_006agilex_7_fpga_f-series_027_firmwarestratix_10_tx_2100_fpgastratix_10_gx_650_fpga_firmwareagilex_7_fpga_f-series_014agilex_7_fpga_f-series_014_firmwarestratix_10_tx_2500_fpgaagilex_7_fpga_f-series_023_firmwarestratix_10_gx_1650_fpga_firmwarestratix_10_sx_2100_fpga_firmwarestratix_10_dx_2800_fpga_firmwarestratix_10_dx_2800_fpgastratix_10_tx_850_fpgastratix_10_sx_2500_fpgastratix_10_dx_2100_fpga_firmwareagilex_7_fpga_i-series_019_firmwarestratix_10_gx_850_fpga_firmwareagilex_7_fpga_i-series_019stratix_10_sx_2800_fpga_firmwarestratix_10_gx_1100_fpgaagilex_7_fpga_f-series_019stratix_10_gx_2110_fpgastratix_10_mx_1650_fpga_firmwarestratix_10_gx_2500_fpgaagilex_7_fpga_i-series_023stratix_10_gx_2800_fpgastratix_10_mx_2100_fpgaIntel(R) FPGA products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-41961
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA softwaregraphics_performance_analyzers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-8750
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.58%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:07
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engineIntel(R) TXE
CWE ID-CWE-416
Use After Free
CVE-2020-8763
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:14
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-realsense_d435_firmwarerealsense_d415_firmwarerealsense_d435i_firmwarewindows_10Intel(R) RealSense(TM) D400 Series Advisory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-42433
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.41%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some Endurance Gaming Mode software installers before version 1.3.937.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Endurance Gaming Mode software installersendurance_gaming_mode_software_installers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8760
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.30%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:08
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-cloud_backupactive_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-42668
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.41%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-02 Aug, 2024 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions in some onboard video driver software before version 1.14 for Intel(R) Server Boards based on Intel(R) 62X Chipset may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-onboard video driver software for Intel(R) Server Boards based on Intel(R) 62X Chipset62x_chipset
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-42766
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.60%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_compute_element_cm8v5cb_firmwarenuc_8_compute_element_cm8v7cb_firmwarenuc_8_compute_element_cm8v7cbnuc_8_compute_element_cm8v5cbIntel NUC 8 Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8687
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.13%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:16
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rste_software_raidIntel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB Advisory
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-41091
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) MPI Library Software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-mpi_libraryIntel(R) MPI Library Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39932
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 29.15%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) SUR for Gameplay Software before version 2.0.1901 may allow a privillaged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_report_for_gameplayIntel(R) SUR for Gameplay Softwaresystem_usage_report
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39432
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.92%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control element in some Intel(R) Ethernet tools and driver install software, before versions 28.2, may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_adapter_complete_driverIntel(R) Ethernet tools and driver install software,ethernet_adapter_complete_driver_pack
CWE ID-CWE-284
Improper Access Control
CVE-2015-2291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.54% / 84.86%
||
7 Day CHG+0.28%
Published-09 Aug, 2017 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ethernet_diagnostics_driver_iqvw32.sysethernet_diagnostics_driver_iqvw64.syswindowsn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-40156
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 36.45%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-25 Oct, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element in some Intel(R) SSU software before version 3.0.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_support_utilityIntel(R) SSU softwaresystem_support_utility
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-39425
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.08% / 25.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) DSA softwaredriver\&support_assistant
CWE ID-CWE-284
Improper Access Control
CVE-2023-40071
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzersIntel(R) GPA software installers
CWE ID-CWE-284
Improper Access Control
CVE-2023-40161
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.06% / 19.63%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-23 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in some Intel Unite(R) Client software before version 4.2.35041 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-uniteIntel Unite(R) Client software
CWE ID-CWE-284
Improper Access Control
CVE-2023-38411
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-3.9||LOW
EPSS-0.04% / 12.02%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:05
Updated-30 Aug, 2024 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-smart_campusIntel Smart Campus android application
CWE ID-CWE-284
Improper Access Control
CVE-2023-39230
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.93%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-rapid_storage_technologyIntel Rapid Storage Technology software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-14570
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.83%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:58
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-Intel Corporation
Product-nuc_kit_dn2820fykhnuc_board_de3815tybe_firmwarenuc_8_mainstream_game_kitnuc_kit_de3815tykhe_firmwarenuc_8_mainstream_game_mini_computer_firmwarenuc_8_mainstream_game_kit_firmwarenuc_kit_de3815tykhenuc_kit_dn2820fykh_firmwarenuc_board_de3815tybenuc_8_mainstream_game_mini_computerNUC Advisory
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14605
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:09
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-setup_and_configuration_software_platform_discovery_utilityIntel(R) SCS Platform Discovery Utility
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-38587
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.23%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc8i7bek_firmwarenuc_8_home_nuc8i3behfa_firmwarenuc_kit_nuc8i5behnuc_kit_nuc8i7beknuc_kit_nuc8i5behs_firmwarenuc_kit_nuc8i3beh_firmwarenuc_kit_nuc8i7behnuc_8_enthusiast_nuc8i7bekqa_firmwarenuc_8_enthusiast_nuc8i7bekqanuc_8_home_nuc8i5behfanuc_8_home_nuc8i5bekpa_firmwarenuc_kit_nuc8i7beh_firmwarenuc_kit_nuc8i3behsnuc_kit_nuc8i3beknuc_kit_nuc8i5beh_firmwarenuc_8_enthusiast_nuc8i7behganuc_kit_nuc8i5beknuc_kit_nuc8i5behsnuc_kit_nuc8i3behnuc_kit_nuc8i3bek_firmwarenuc_kit_nuc8i5bek_firmwarenuc_8_home_nuc8i5bekpanuc_8_home_nuc8i3behfanuc_8_enthusiast_nuc8i7behga_firmwarenuc_8_home_nuc8i5behfa_firmwarenuc_kit_nuc8i3behs_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38570
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CVE-2019-14601
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 17:35
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-raid_web_console_3Intel(R) RWC 3 for Windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-38566
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-24 Oct, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) ISPC software before version 1.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-implicit_spmd_program_compilerIntel(R) ISPC softwareispc
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-14610
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:11
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CVE-2019-11111
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.24%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:04
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-11181
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.41%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11103
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.31%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11097
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trusted_execution_engine_firmwareIntel(R) Management Engine
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-36493
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-software_development_kit_for_openclIntel(R) SDK for OpenCL(TM) Applications softwarefield_programmable_gate_array_software_development_kit_for_opencl
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11112
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:41
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupdata_availability_servicessteelstore_cloud_integrated_storage2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11117
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.25%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in the installer for Intel(R) Omni-Path Fabric Manager GUI before version 10.9.2.1.1 may allow an authenticated user to potentially enable escalation of privilege via local attack.

Action-Not Available
Vendor-n/aIntel Corporation
Product-omni-path_fabric_manager_guiIntel(R) Omni-Path Fabric Manager GUI
CVE-2019-11156
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:54
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560wi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-n_7265_\(rev_d\)dual_band_wireless-ac_8265proset\/wireless_wifiIntel(R) PROSet/Wireless WiFi Software Security
CVE-2023-34427
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.18%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-04 Oct, 2024 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Protection mechanism failure in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2023-35192
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 32.23%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-23 Jan, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_performance_analyzers_frameworkIntel(R) GPA Framework softwaregraphics_performance_analyzer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11120
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 17:56
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient path checking in the installer for Intel(R) Active System Console before version 8.0 Build 24 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-Intel Corporation
Product-62x_chipsetactive_system_consoleActive System Console Advisory
CVE-2023-35060
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 35.35%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-battery_life_diagnostic_toolIntel(R) Battery Life Diagnostic Tool softwarebattery_life_diagnostic_tool
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11145
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 16:12
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-driver_\&_support_assistantIntel(R) Driver & Support Assistant Advisory
CWE ID-CWE-275
Not Available
CVE-2019-11151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.40%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:55
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9560wireless-n_7265wi-fi_6_ax201_firmwarewireless-ac_9461_firmwaredual_band_wireless-ac_8260_firmwaredual_band_wireless-ac_8265_firmwarewireless-ac_9260_firmwaredual_band_wireless-ac_7265wireless-ac_9462_firmwarewireless-ac_9560_firmwaredual_band_wireless-ac_7265_firmwarewi-fi_6_ax200wireless-ac_9462dual_band_wireless-n_7265wireless-ac_9461dual_band_wireless-ac_3168_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168dual_band_wireless-ac_3165_firmwaredual_band_wireless-n_7265_firmwaredual_band_wireless-ac_8265wireless-n_7265_firmwareIntel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34314
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-simics_simulatorIntel(R) Simics Simulator software
CWE ID-CWE-277
Insecure Inherited Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-34355
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.80%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-17 Oct, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-integrated_bmc_video_driverserver_board_m10jnp2sbIntel(R) Server Board M10JNP2SB integrated BMC video driversintel_server_board_m10jnp2sb_integrated_bmc_video_drive
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-11147
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.30%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:07
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaresa-00086_detection_tooltrusted_execution_engine_firmwareintel-sa-00125_detection_toolIntel(R) CSME
CVE-2019-11153
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.40%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:55
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wireless-ac_9461wireless-ac_9560proset\/wireless_wifiwi-fi_6_ax201dual_band_wireless-ac_3165dual_band_wireless-ac_7265_\(rev_d\)dual_band_wireless-ac_8260wireless-ac_9260dual_band_wireless-ac_3168wireless_7265_\(rev_d\)wi-fi_6_ax200wireless-ac_9462dual_band_wireless-ac_8265dual_band_wireless-n_7265_\(rev_d\)Intel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33867
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 10.20%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-03 Oct, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-realsense_450_fa_firmwarerealsense_450_faIntel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA
CWE ID-CWE-92
DEPRECATED: Improper Sanitization of Custom Special Characters
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-33878
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.59%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_p14e_laptop_element_cmcn1ccaudio_install_packageIntel(R) NUC P14E Laptop Element Audio Install Package softwareintel_nuc_p14e_laptop_element_audio_install_package_software
CWE ID-CWE-249
DEPRECATED: Often Misused: Path Manipulation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 12
  • 13
  • Next
Details not found