Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-39811

Summary
Assigner-intel
Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At-13 Nov, 2024 | 21:10
Updated At-14 Nov, 2024 | 19:42
Rejected At-
Credits

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:intel
Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce
Published At:13 Nov, 2024 | 21:10
Updated At:14 Nov, 2024 | 19:42
Rejected At:
▼CVE Numbering Authority (CNA)

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.

Affected Products
Vendor
n/a
Product
Intel(R) Server M20NTP Family UEFI
Default Status
unaffected
Versions
Affected
  • See references
Problem Types
TypeCWE IDDescription
N/AN/Aescalation of privilege
CWECWE-20Improper input validation
Type: N/A
CWE ID: N/A
Description: escalation of privilege
Type: CWE
CWE ID: CWE-20
Description: Improper input validation
Metrics
VersionBase scoreBase severityVector
3.16.3MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
4.05.3MEDIUM
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01175.html
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01175.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Intel Corporationintel
Product
m20ntp_firmware
CPEs
  • cpe:2.3:o:intel:m20ntp_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@intel.com
Published At:13 Nov, 2024 | 21:15
Updated At:15 Nov, 2024 | 14:00

Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.16.3MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Primarysecure@intel.com
CWE ID: CWE-20
Type: Primary
Source: secure@intel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01175.htmlsecure@intel.com
N/A
Hyperlink: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01175.html
Source: secure@intel.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

254Records found
CVE-2020-8688
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.38% / 58.73%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:14
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-raid_web_console_3Intel(R) RAID Web Console 3 for Windows* Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2023-42766
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.60%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_compute_element_cm8v5cb_firmwarenuc_8_compute_element_cm8v7cb_firmwarenuc_8_compute_element_cm8v7cbnuc_8_compute_element_cm8v5cbIntel NUC 8 Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39411
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 14.57%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2291
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.54% / 84.86%
||
7 Day CHG+0.28%
Published-09 Aug, 2017 | 18:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-03||Apply updates per vendor instructions.

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-ethernet_diagnostics_driver_iqvw32.sysethernet_diagnostics_driver_iqvw64.syswindowsn/aEthernet Diagnostics Driver for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14591
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.17%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:05
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38587
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.23%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc8i7bek_firmwarenuc_8_home_nuc8i3behfa_firmwarenuc_kit_nuc8i5behnuc_kit_nuc8i7beknuc_kit_nuc8i5behs_firmwarenuc_kit_nuc8i3beh_firmwarenuc_kit_nuc8i7behnuc_8_enthusiast_nuc8i7bekqa_firmwarenuc_8_enthusiast_nuc8i7bekqanuc_8_home_nuc8i5behfanuc_8_home_nuc8i5bekpa_firmwarenuc_kit_nuc8i7beh_firmwarenuc_kit_nuc8i3behsnuc_kit_nuc8i3beknuc_kit_nuc8i5beh_firmwarenuc_8_enthusiast_nuc8i7behganuc_kit_nuc8i5beknuc_kit_nuc8i5behsnuc_kit_nuc8i3behnuc_kit_nuc8i3bek_firmwarenuc_kit_nuc8i5bek_firmwarenuc_8_home_nuc8i5bekpanuc_8_home_nuc8i3behfanuc_8_enthusiast_nuc8i7behga_firmwarenuc_8_home_nuc8i5behfa_firmwarenuc_kit_nuc8i3behs_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14609
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 36.20%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:11
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc7i7dnke_firmwarenuc8i3cysmnuc7i5dnke_firmwarenuc6i5syh_firmwarestk2mv64cc_firmwarestk2m3w64ccd34010wybnuc7cjyhnuc_8_mainstream_game_kitstk2m3w64cc_firmwarenuc8i7hnknuc_8_mainstream_game_mini_computer_firmwarenuc6i5syhcd1iv128mknuc8i7bek_firmwarenuc7i3dnhenuc8i7hnk_firmwarecd1iv128mk_firmwarenuc6i7kykcd1m3128mk_firmwared34010wyb_firmwarecd1m3128mknuc7cjyh_firmwarecd1p64gknuc7i3dnhe_firmwarenuc_8_mainstream_game_mini_computerde3815tybe_firmwarenuc7i5dnkenuc6cayscd1p64gk_firmwarenuc_8_mainstream_game_kit_firmwarede3815tybenuc7i7dnkestk2mv64ccnuc6i7kyk_firmwarenuc6cays_firmwarenuc8i7beknuc8i3cysm_firmwareIntel(R) NUC(R)
CWE ID-CWE-20
Improper Input Validation
CVE-2023-47855
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.03% / 5.01%
||
7 Day CHG-0.00%
Published-16 May, 2024 | 20:47
Updated-13 Feb, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) TDX module softwaretrust_domain_extensions_module
CWE ID-CWE-20
Improper Input Validation
CVE-2024-41167
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.03% / 8.27%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:10
Updated-19 Nov, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-m10jnp2sb_firmwarem10jnp2sbIntel(R) Server Board M10JNP2SB Familym10jnp2sb_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11175
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 74.38%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:37
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11180
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.90% / 74.75%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:38
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hpcr1304wftysrbbs2600bpbhns2600bpb24rhpcr2208wf0zsrr1304wftysrhpcr2208wftzsrr2208wftzsrr2208wf0zsrr1208wftysr1304wf0ysr2224wfqzshns2600bpqbbs2600stqhpcr2312wftzsrhns2600bpbrhpcr2224wftzsrhns2600bpblchpcr2208wftzsrxbbs2600stbr2208wf0zsr2208wftzshns2600bpsrr1208wftysrr2208wftzsrxbbs2600stbrhns2600bpbrxr2312wf0nphns2600bpblcrs2600stbr2224wftzsrr2208wfqzsrr2224wftzsbbs2600bpqrbbs2600stqrr2208wfqzsbbs2600bpshns2600bpshpcr2312wf0nprhns2600bpq24rhns2600bpb24hns2600bps24hns2600bpq24hns2600bpblc24r2312wfqzshpcr1208wftysrs9256wk1hlchpchns2600bpsrbbs2600bpsrr2312wf0nprs2600stbrs2600wftrhns2600bpbhpcr2208wfqzsrs9248wk2hlcr1304wftysbbs2600bpbrs9248wk2hachpcr1208wfqysrhns2600bpblc24rs2600wf0rs2600stqrs9232wk1hlcs2600stqs9232wk2hacr2308wftzss9248wk1hlcs2600wfqrhpcr2308wftzsrr1208wfqysrhpchns2600bpbrr2312wftzsrr2308wftzsrhpcr1304wf0ysrhpchns2600bpqrs2600wf0hns2600bps24rs9232wk2hlchns2600bpqrs2600wfqbbs2600bpqr1304wf0ysrbaseboard_management_controller_firmwares2600wfthns2600bpb24rxr2312wftzsIntel(R) BMC
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11103
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.31%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11137
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.14% / 35.29%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:56
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationHewlett Packard Enterprise (HPE)
Product-xeon_platinum_8153atom_c3858_firmwarexeon_bronze_3104_firmwarexeon_e5-4610_v4xeon_e7-8894_v4xeon_e5-2608l_v4_firmwarexeon_gold_6146xeon_gold_6126f_firmwareatom_c3830_firmwarexeon_platinum_8168_firmwarexeon_silver_4108_firmwareapollo_4200_gen10_serverxeon_d-1527xeon_e5-2697_v4xeon_gold_5115synergy_620_gen9_compute_modulexeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_gold_5217_firmwareproliant_bl460c_gen9_server_bladeproliant_dl160_gen9_server_firmwarexeon_gold_6138xeon_e5-4650_v4xeon_e7-8880_v4atom_c3336_firmwarexeon_d-2163it_firmwarexeon_e5-1660_v4proliant_bl660c_gen9_serverxeon_e7-8891_v4xeon_platinum_8164xeon_d-1521_firmwareproliant_ml350_gen9_server_firmwarexeon_gold_6240_firmwarexeon_d-1557_firmwareatom_c3708_firmwareproliant_dl60_gen9_serverxeon_d-1518atom_c2550synergy_620_gen9_compute_module_firmwarexeon_platinum_8268_firmwarexeon_gold_6248_firmwarexeon_gold_6262vxeon_e5-2609_v4_firmwarexeon_platinum_8168xeon_e5-2683_v4atom_c2538_firmwarexeon_e5-2608l_v4xeon_gold_5218xeon_e5-1620_v4xeon_gold_6238m_firmwarexeon_d-1567_firmwarexeon_d-1567xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_gold_6138t_firmwarexeon_silver_4116_firmwarexeon_d-2173it_firmwarexeon_gold_5122xeon_platinum_8180_firmwarexeon_silver_4210_firmwareapollo_4200_gen9_server_firmwarexeon_gold_6126_firmwarexeon_d-2191proliant_dl380_gen9_serverxeon_e7-8870_v4_firmwarexeon_e5-4627_v4_firmwareproliant_ml110_gen9_server_firmwarexeon_platinum_8276_firmwarexeon_e7-8870_v4xeon_gold_6240xeon_gold_6150_firmwarexeon_platinum_8156xeon_bronze_3106_firmwarexeon_d-2177nt_firmwarexeon_gold_6138_firmwarexeon_e7-8893_v4_firmwarexeon_d-1533n_firmwarexeon_e5-2667_v4_firmwarexeon_gold_5220s_firmwarexeon_gold_5215_firmwarexeon_e5-2667_v4proliant_xl230a_gen9_server_firmwarexeon_platinum_8274proliant_dl580_gen9_serverxeon_gold_6126fxeon_d-1539xeon_silver_4109t_firmwarexeon_e5-1680_v4xeon_silver_4114_firmwarexeon_gold_6230_firmwarexeon_d-2146ntproliant_xl250a_gen9_server_firmwarexeon_platinum_8280l_firmwarexeon_platinum_8160fxeon_d-1577_firmwareatom_c2550_firmwarexeon_e5-4660_v4atom_c3538_firmwarexeon_gold_6210uxeon_d-2187ntatom_c2738xeon_e5-4669_v4_firmwarexeon_platinum_8158_firmwarexeon_d-2166ntxeon_gold_5120_firmwarexeon_gold_6140m_firmwarexeon_silver_4216xeon_platinum_8253xeon_gold_6230xeon_e5-2630l_v4xeon_gold_6134_firmwarexeon_e5-4667_v4atom_c3336atom_c3958xeon_e5-2628l_v4xeon_gold_6130t_firmwareproliant_dl380_gen10_server_firmwarexeon_d-2183itxeon_e5-2690_v4_firmwarexeon_e5-2630_v4xeon_d-1622atom_c2350_firmwarexeon_d-2145ntxeon_e5-1650_v4xeon_gold_6238xeon_gold_6126t_firmwarexeon_silver_4208xeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_gold_5220sxeon_platinum_8280m_firmwarexeon_e7-8890_v4_firmwareapollo_4200_gen9_serverxeon_platinum_9282xeon_d-1513n_firmwarexeon_platinum_9242_firmwarexeon_e5-1620_v4_firmwarexeon_silver_4108xeon_gold_6130txeon_silver_4210xeon_platinum_8256_firmwarexeon_e5-2618l_v4_firmwarexeon_e5-2637_v4_firmwarexeon_e7-8867_v4atom_c2358_firmwareproliant_ml350_gen10_serverproliant_ml150_gen9_server_firmwarexeon_platinum_8276matom_c2338xeon_bronze_3106synergy_480_gen10_compute_module_firmwarexeon_gold_6238matom_c3708atom_c2518_firmwarexeon_d-1540xeon_platinum_8160txeon_e5-2698_v4xeon_d-1528xeon_e5-4627_v4proliant_e910_server_blade_firmwarexeon_d-2141ixeon_e5-2660_v4xeon_d-1541xeon_e7-4830_v4xeon_silver_4208_firmwarexeon_d-1633n_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwareproliant_xl230a_gen9_serverxeon_gold_5222proliant_ws460c_gen9_graphics_server_blade_firmwarexeon_e5-2687w_v4xeon_e5-2630_v4_firmwareatom_c2516synergy_680_gen9_compute_module_firmwarexeon_gold_6240mxeon_e5-4667_v4_firmwarexeon_d-1548xeon_e5-2699a_v4_firmwarexeon_d-1649nxeon_d-1529xeon_e5-2603_v4_firmwareatom_c3308_firmwarexeon_platinum_8160xeon_gold_5115_firmwareproliant_ml110_gen10_server_firmwarexeon_platinum_8156_firmwarexeon_e5-4660_v4_firmwareproliant_xl270d_gen10_serverxeon_gold_5118_firmwarexeon_e7-4809_v4proliant_xl450_gen9_serveratom_c2718xeon_gold_6146_firmwarexeon_gold_6148fxeon_e5-2630l_v4_firmwareatom_c2750xeon_gold_5218_firmwarexeon_gold_6132xeon_gold_6238t_firmwareatom_c3338atom_c2316xeon_e5-2618l_v4xeon_e7-8891_v4_firmwarexeon_e5-2650l_v4_firmwareatom_c2358proliant_dl580_gen10_serverxeon_platinum_8160_firmwarexeon_d-1623nproliant_xl170r_gen10_serveratom_c2508_firmwarexeon_e7-8894_v4_firmwareproliant_dl360_gen9_server_firmwareproliant_xl450_gen9_server_firmwarexeon_gold_6148_firmwarexeon_gold_5220t_firmwarexeon_e5-4610_v4_firmwarexeon_platinum_8253_firmwarexeon_gold_5220_firmwarexeon_d-1622_firmwareatom_c2538xeon_e5-2680_v4_firmwareproliant_e910_server_bladexeon_gold_6240m_firmwareatom_c2530_firmwarexeon_e5-1630_v4_firmwarexeon_silver_4214proliant_ml150_gen9_serverxeon_d-2161iatom_c3858xeon_platinum_8164_firmwaresynergy_680_gen9_compute_modulexeon_d-2141i_firmwareproliant_dl80_gen9_server_firmwareatom_c3558_firmwarexeon_gold_5218bproliant_dl160_gen10_server_firmwarexeon_e5-4640_v4_firmwarexeon_e5-1680_v4_firmwareproliant_xl270d_gen10_server_firmwarexeon_silver_4216_firmwarexeon_gold_6254_firmwarexeon_platinum_8284_firmwarexeon_e5-1650_v4_firmwarexeon_e5-2648l_v4xeon_e5-4620_v4proliant_dl380_gen10_serverxeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e7-8880_v4_firmwarexeon_gold_6209uxeon_d-1539_firmwarexeon_silver_4112xeon_d-1559xeon_gold_6130_firmwarexeon_gold_5120txeon_gold_6134proliant_bl460c_gen10_server_blade_firmwarexeon_gold_6222v_firmwarexeon_platinum_8160f_firmwareatom_c3558xeon_platinum_8260_firmwarexeon_e5-2648l_v4_firmwarexeon_d-2183it_firmwareatom_c3308proliant_xl170r_gen9_server_firmwarexeon_d-1557xeon_gold_6148xeon_e7-4850_v4xeon_gold_6144xeon_gold_6140mxeon_platinum_9282_firmwareatom_c3758xeon_d-1553n_firmwarexeon_gold_6128_firmwarexeon_gold_5220tatom_c3830atom_c2750_firmwarexeon_platinum_8276latom_c3750xeon_platinum_8170_firmwareproliant_dl560_gen10_serveratom_c2730xeon_d-1627_firmwareproliant_bl660c_gen9_server_firmwarexeon_gold_6126txeon_gold_6140_firmwarexeon_gold_6238_firmwareatom_c3950_firmwareproliant_xl250a_gen9_serverxeon_e5-2640_v4_firmwareatom_c2758_firmwarexeon_gold_6246xeon_e5-1630_v4atom_c3955_firmwareatom_c2758xeon_d-1527_firmwarexeon_e5-2683_v4_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e7-4850_v4_firmwarexeon_gold_5215mxeon_gold_5215proliant_xl450_gen10_server_firmwarexeon_d-2143itxeon_e5-2620_v4_firmwareproliant_xl190r_gen10_server_firmwarexeon_d-2163itsynergy_660_gen10_compute_modulexeon_e5-2699_v4xeon_gold_6244_firmwarexeon_d-2161i_firmwareatom_c3538xeon_platinum_8284xeon_silver_4109txeon_e5-2643_v4_firmwareatom_c2308_firmwarexeon_gold_5215lxeon_silver_4215_firmwarexeon_gold_5122_firmwarexeon_e5-4655_v4xeon_gold_6138fxeon_e5-2658_v4xeon_gold_6132_firmwarexeon_gold_6136_firmwareproliant_xl730f_gen9_serversynergy_480_gen9_compute_module_firmwareproliant_ml350_gen9_serverxeon_gold_6212u_firmwareatom_c2316_firmwarexeon_gold_6212uxeon_d-1531_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mxeon_gold_6240l_firmwarexeon_silver_4114atom_c3750_firmwarexeon_d-2123it_firmwaresynergy_480_gen9_compute_moduleatom_c3508xeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2699_v4_firmwarexeon_d-2173itxeon_d-2123itatom_c2338_firmwareatom_c2730_firmwarexeon_d-1627xeon_gold_5218n_firmwareproliant_ml350_gen10_server_firmwarexeon_e5-2637_v4proliant_dl120_gen10_server_firmwareproliant_dl180_gen9_serverxeon_platinum_8260y_firmwarexeon_gold_6144_firmwarexeon_e5-2695_v4_firmwarexeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4proliant_dl360_gen9_serverxeon_gold_5218txeon_gold_6240y_firmwarexeon_gold_6150xeon_e5-2697a_v4xeon_gold_6242_firmwarexeon_gold_6140xeon_e5-2690_v4xeon_d-1649n_firmwarexeon_e5-2609_v4proliant_dl360_gen10_serverxeon_e5-2658_v4_firmwarexeon_gold_6148f_firmwarexeon_d-2145nt_firmwareproliant_xl450_gen10_serverproliant_xl230k_gen10_serverxeon_d-1537_firmwarexeon_gold_6126xeon_d-1541_firmwarexeon_d-2166nt_firmwarexeon_d-1623n_firmwarexeon_e5-2699a_v4xeon_e5-2643_v4proliant_dl160_gen9_serverxeon_d-1548_firmwareatom_c3850_firmwarexeon_gold_6130f_firmwarexeon_d-1559_firmwareproliant_xl190r_gen10_serverxeon_e5-2698_v4_firmwareproliant_dl580_gen9_server_firmwarexeon_gold_6142fxeon_e7-4809_v4_firmwarexeon_platinum_8153_firmwarexeon_e5-2697a_v4_firmwarexeon_gold_6130xeon_e5-2650l_v4xeon_d-1529_firmwarexeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarexeon_d-1637_firmwareproliant_xl170r_gen10_server_firmwareproliant_dl360_gen10_server_firmwarexeon_platinum_8260xeon_platinum_8160t_firmwareproliant_ws460c_gen9_graphics_server_bladeproliant_bl460c_gen10_server_bladexeon_bronze_3204_firmwaresynergy_480_gen10_compute_modulexeon_silver_4214_firmwareatom_c2738_firmwarexeon_d-2142it_firmwareproliant_dl120_gen10_serverproliant_ml110_gen9_serverxeon_d-2143it_firmwarexeon_platinum_9242proliant_dl160_gen10_serversynergy_660_gen10_compute_module_firmwarexeon_platinum_8280lxeon_silver_4110xeon_bronze_3204xeon_d-1523n_firmwarexeon_platinum_8280_firmwareproliant_dl580_gen10_server_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwareatom_c3758_firmwareatom_c2558_firmwarexeon_gold_5218nxeon_gold_6246_firmwarexeon_gold_5222_firmwarexeon_gold_6138txeon_e5-2620_v4xeon_e7-4820_v4_firmwareproliant_dl80_gen9_serverxeon_gold_5120proliant_dl180_gen10_server_firmwarexeon_d-1523nxeon_gold_5220xeon_gold_6154_firmwarexeon_d-1653nproliant_dl120_gen9_server_firmwarexeon_e7-8860_v4_firmwarexeon_d-1637xeon_gold_6254xeon_silver_4209t_firmwarexeon_d-1577xeon_gold_6240yxeon_platinum_8176_firmwarexeon_e5-4669_v4xeon_gold_6154proliant_ml110_gen10_serverxeon_gold_5215l_firmwarexeon_d-1543n_firmwarexeon_e5-2640_v4xeon_e7-8893_v4xeon_gold_6252n_firmwarexeon_gold_5120t_firmwareproliant_dl560_gen9_server_firmwarexeon_d-1653n_firmwareproliant_xl230k_gen10_server_firmwarexeon_platinum_8270_firmwarexeon_d-1553natom_c3808_firmwarexeon_d-1571_firmwareatom_c3955xeon_silver_4209txeon_silver_4116xeon_d-1633nxeon_gold_6210u_firmwareproliant_xl170r_gen9_serveratom_c3850xeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_gold_6226_firmwarexeon_d-1518_firmwarexeon_platinum_8274_firmwarexeon_platinum_8280atom_c2558xeon_gold_6152_firmwarexeon_platinum_8176f_firmwarexeon_d-1520proliant_dl180_gen10_serverproliant_dl380_gen9_server_firmwarexeon_platinum_8256xeon_gold_6152xeon_d-2146nt_firmwarexeon_platinum_8158xeon_gold_6238l_firmwarexeon_e7-4830_v4_firmwareatom_c3508_firmwarexeon_gold_5218b_firmwarexeon_gold_6222vproliant_bl460c_gen9_server_blade_firmwarexeon_d-1520_firmwarexeon_platinum_8176xeon_gold_6242xeon_silver_4112_firmwarexeon_d-1531atom_c2518xeon_gold_6262v_firmwarexeon_e5-2660_v4_firmwarexeon_platinum_8260yxeon_platinum_8270xeon_e5-2650_v4xeon_platinum_8260m_firmwareproliant_dl560_gen9_serverxeon_d-1533nproliant_xl190r_gen9_serverxeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_gold_5118xeon_gold_6130fxeon_e5-2695_v4atom_c2530atom_c2508proliant_xl730f_gen9_server_firmwarexeon_gold_5215m_firmwarexeon_platinum_8276xeon_gold_6142f_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4proliant_xl190r_gen9_server_firmwarexeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e7-8860_v4atom_c2350atom_c2516_firmwareatom_c3338_firmwarexeon_platinum_8276m_firmwarexeon_platinum_8176fxeon_e7-8867_v4_firmwareatom_c2308xeon_e5-2623_v4_firmwareapollo_4200_gen10_server_firmwareatom_c3808xeon_d-1543nxeon_d-1528_firmwareproliant_dl120_gen9_serverxeon_gold_6226xeon_d-1521xeon_d-2191_firmwarexeon_gold_6252atom_c3950xeon_e5-4650_v4_firmwareproliant_dl560_gen10_server_firmwareatom_c2718_firmwarexeon_gold_6252_firmwarexeon_gold_6209u_firmwarexeon_silver_4110_firmwarexeon_platinum_8260lproliant_dl60_gen9_server_firmwarexeon_d-1602_firmwarexeon_platinum_8180proliant_dl180_gen9_server_firmwarexeon_d-2177ntatom_c3958_firmwarexeon_platinum_8276l_firmware2019.2 IPU – UEFI
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11086
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.14% / 34.73%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:10
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11100
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 50.69%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11102
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 34.86%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-dynamic_application_loadertrusted_execution_engine_firmwareIntel(R) DAL software for Intel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.71%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_dn2820fykhnuc_kit_d54250wybnuc_kit_nuc7cjyhnuc_kit_nuc5i7ryhnuc_kit_nuc6i7kyknuc_kit_de3815tybenuc_kit_nuc8i7hnknuc_kit_nuc5cpyhnuc_kit_nuc7i7bnhnuc_kit_d33217gkenuc_kit_nuc6caysnuc_kit_nuc5pgyhnuc_kit_nuc5i5myhenuc_kit_d53427rkenuc_kit_nuc7i3dnhenuc_kit_nuc6i5syhnuc_kit_nuc7i5dnkenuc_kit_firmwarenuc_kit_nuc5i3myhenuc_kit_nuc7i7dnkeIntel (R) NUC
CWE ID-CWE-20
Improper Input Validation
CVE-2023-34086
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.03% / 8.49%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-09 Oct, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_board_nuc7i3bnhx1nuc_kit_nuc7i5bnkp_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchbnnuc_board_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnkpnuc_rugged_kit_nuc8cchkrnuc_mini_pc_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i3bnhx1nuc_kit_nuc7i5bnbnuc_kit_nuc7i3bnhxfnuc_kit_nuc7i5bnhnuc_board_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i7bnh_firmwarenuc_enthusiast_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_board_nuc7i3bnb_firmwarenuc_enthusiast_nuc7i5bnkpnuc_board_nuc7i5bnhnuc_enthusiast_nuc7i5bnkp_firmwarenuc_board_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i7bnh_firmwarenuc_kit_nuc7i7bnhnuc_board_nuc7i5bnh_firmwarenuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_board_nuc7i5bnhx1_firmwarenuc_board_nuc7i7bnhx1nuc_rugged_kit_nuc8cchbn_firmwarenuc_board_nuc7i7bnb_firmwarenuc_board_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i7bnkq_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_enthusiast_nuc7i5bnh_firmwarenuc_board_nuc7i7bnhx1_firmwarenuc_mini_pc_nuc7i5bnbnuc_mini_pc_nuc7i7bnbnuc_enthusiast_nuc7i3bnhxf_firmwarenuc_kit_nuc7i5bnhxfnuc_rugged_kit_nuc8cchkr_firmwarenuc_enthusiast_nuc7i3bnh_firmwarenuc_mini_pc_nuc7i5bnhcompute_element_stk2mv64ccnuc_kit_nuc6cayh_firmwarenuc_kit_nuc7i7bnhxgnuc_board_nuc7i3bnhxfnuc_kit_nuc7i5bnhx1_firmwarenuc_board_nuc7i5bnhxfnuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_enthusiast_nuc7i3bnhnuc_mini_pc_nuc7i3bnhnuc_enthusiast_nuc7i7bnbnuc_board_nuc7i5bnkp_firmwarenuc_enthusiast_nuc7i7bnhx1nuc_kit_nuc6cays_firmwarenuc_kit_nuc7i7bnkqnuc_mini_pc_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnbnuc_kit_nuc7i5bnkpnuc_board_nuc7i7bnhnuc_kit_nuc7i3bnbnuc_mini_pc_nuc7i3bnbnuc_enthusiast_nuc7i3bnb_firmwarenuc_mini_pc_nuc7i7bnkqnuc_enthusiast_nuc7i7bnb_firmwarenuc_enthusiast_nuc7i7bnkqnuc_mini_pc_nuc7i5bnhxfnuc_kit_nuc7i3bnhxf_firmwarenuc_rugged_kit_nuc8cchkrnnuc_enthusiast_nuc7i5bnk_firmwarenuc_board_nuc7i3bnhnuc_enthusiast_nuc7i3bnbnuc_enthusiast_nuc7i7bnhxgnuc_enthusiast_nuc7i5bnhxfnuc_board_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhxgnuc_kit_nuc7i5bnhx1nuc_mini_pc_nuc7i3bnh_firmwarenuc_enthusiast_nuc7i5bnbnuc_board_nuc7i5bnkpnuc_enthusiast_nuc7i5bnb_firmwarecompute_element_stk2mv64cc_firmwarenuc_mini_pc_nuc7i3bnhx1nuc_board_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnb_firmwarenuc_kit_nuc7i7bnb_firmwarenuc_board_nuc7i3bnhxf_firmwarenuc_mini_pc_nuc7i7bnhxg_firmwarenuc_mini_pc_nuc7i3bnhx1_firmwarenuc_enthusiast_nuc7i3bnk_firmwarenuc_mini_pc_nuc7i5bnhxf_firmwarenuc_enthusiast_nuc7i5bnhx1_firmwarenuc_kit_nuc6caysnuc_mini_pc_nuc7i5bnknuc_enthusiast_nuc7i5bnknuc_kit_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i5bnhx1_firmwarenuc_mini_pc_nuc7i7bnb_firmwarenuc_mini_pc_nuc7i5bnkp_firmwarenuc_rugged_kit_nuc8cchbnuc_kit_nuc6cayhnuc_enthusiast_nuc7i3bnknuc_board_nuc7i3bnbnuc_board_nuc7i7bnhxgnuc_kit_nuc7i7bnhxg_firmwarenuc_board_nuc7i3bnknuc_kit_nuc7i5bnhxf_firmwarenuc_mini_pc_nuc7i7bnhx1nuc_kit_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i5bnhx1nuc_mini_pc_nuc7i7bnhnuc_enthusiast_nuc7i5bnhnuc_enthusiast_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhx1_firmwarenuc_kit_nuc7i7bnhx1_firmwarenuc_enthusiast_nuc7i7bnkq_firmwarenuc_enthusiast_nuc7i3bnhx1_firmwarenuc_rugged_kit_nuc8cchb_firmwarenuc_board_nuc7i7bnkqnuc_board_nuc7i7bnh_firmwarenuc_mini_pc_nuc7i3bnb_firmwarenuc_board_nuc7i5bnhx1nuc_kit_nuc7i7bnkq_firmwarenuc_mini_pc_nuc7i7bnhx1_firmwarenuc_board_nuc7i5bnhxf_firmwarenuc_board_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i3bnhxfnuc_enthusiast_nuc7i7bnhnuc_rugged_kit_nuc8cchkrn_firmwarenuc_mini_pc_nuc7i5bnb_firmwarenuc_mini_pc_nuc7i5bnk_firmwarenuc_mini_pc_nuc7i3bnknuc_board_nuc7i5bnknuc_kit_nuc7i5bnb_firmwarenuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbIntel(R) NUC BIOS firmwarebios
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11123
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.14%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stck1a32wfccompute_stick_firmwarecompute_card_cd1iv128mkcompute_card_firmwarenuc_kit_nuc8i3bexnuc_kit_firmwarecompute_card_cd1c64gkcompute_stick_stck1a8lfccompute_card_cd1m3128mkcompute_stick_stk2m364cccompute_card_cd1p64gkcompute_stick_stk2m3w64ccIntel(R) NUC Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11101
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.15% / 35.80%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11088
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.22% / 45.03%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11089
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.17%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:05
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupsteelstore_cloud_integrated_storagesolidfire_baseboard_management_controller_firmwaresolidfire_baseboard_management_controllerdata_availability_services2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11107
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 62.98%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:09
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) AMT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11128
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.72%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_stck1a32wfccompute_stick_firmwarecompute_card_cd1iv128mkcompute_card_firmwarenuc_kit_nuc8i3bexnuc_kit_firmwarecompute_card_cd1c64gkcompute_stick_stck1a8lfccompute_card_cd1m3128mkcompute_stick_stk2m364cccompute_card_cd1p64gkcompute_stick_stk2m3w64ccIntel(R) NUC Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11140
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 16:13
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_stick_stk2mv64cccompute_stick_firmwarecompute_card_firmwarecompute_card_cd1iv128mknuc_kit_nuc7i5dnxnuc_kit_nuc7i7dnxnuc_kit_firmwarenuc_kit_nuc7i3dnxIntel(R) NUC Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11085
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 30.98%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-i915_firmwarei915Intel(R) i915 Graphics for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32641
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.3||HIGH
EPSS-0.09% / 26.89%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32617
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-02 Aug, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7i5bnknuc_7_home_nuc7i3bnhxfnuc_board_nuc7i3bnbnuc_7_home_nuc7i3bnhxf_firmwarenuc_kit_nuc7i3bnhx1_firmwarenuc_kit_nuc7i5bnh_firmwarenuc_board_nuc8cchbnuc_kit_nuc7i5bnk_firmwarenuc_kit_nuc7i7bnhx1_firmwarecompute_stick_stk2mv64cc_firmwarenuc_7_enthusiast_nuc7i7bnkq_firmwarenuc_8_rugged_kit_nuc8cchkrn_firmwarenuc_8_rugged_kit_nuc8cchkrnuc_kit_nuc7i5bnhx1nuc_kit_nuc6cayh_firmwarenuc_7_home_nuc7i5bnkpnuc_7_enthusiast_nuc7i7bnhxg_firmwarenuc_kit_nuc7i5bnhx1_firmwarenuc_kit_nuc7i3bnk_firmwarenuc_kit_nuc7i7bnhx1nuc_board_nuc8cchb_firmwarenuc_7_home_nuc7i5bnhxfnuc_8_rugged_board_nuc8cchbn_firmwarenuc_kit_nuc7i5bnhnuc_8_rugged_kit_nuc8cchkr_firmwarenuc_board_nuc7i5bnbnuc_kit_nuc7i3bnknuc_kit_nuc6cays_firmwarenuc_board_nuc7i5bnb_firmwarenuc_board_nuc7i3bnb_firmwarenuc_7_home_nuc7i5bnkp_firmwarenuc_7_enthusiast_nuc7i7bnhxgnuc_kit_nuc7i7bnhnuc_kit_nuc7i3bnh_firmwarenuc_kit_nuc7i3bnhx1nuc_7_home_nuc7i5bnhxf_firmwarecompute_stick_stk2mv64ccnuc_kit_nuc6caysnuc_kit_nuc7i7bnh_firmwarenuc_8_rugged_board_nuc8cchbnnuc_board_nuc7i7bnb_firmwarenuc_8_rugged_kit_nuc8cchkrnnuc_7_enthusiast_nuc7i7bnkqnuc_kit_nuc7i3bnhnuc_board_nuc7i7bnbnuc_kit_nuc6cayhIntel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-31203
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-14 Aug, 2024 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-openvino_model_serverOpenVINO Model Server software
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0149
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.10%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:24
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29494
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.49%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-18 Oct, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/abios_firmwareIntel Corporation
Product-nuc_11_pro_kit_nuc11tnhi3_firmwarenuc_11_pro_kit_nuc11tnki70znuc_11_pro_kit_nuc11tnki3_firmwarenuc_11_pro_kit_nuc11tnhi3nuc_11_pro_board_nuc11tnbi7_firmwarenuc_11_pro_board_nuc11tnbi30z_firmwarenuc_11_pro_board_nuc11tnbi5nuc_11_pro_kit_nuc11tnhi70l_firmwarenuc_11_pro_kit_nuc11tnhi5_firmwarenuc_11_pro_board_nuc11tnbi3nuc_11_pro_board_nuc11tnbi70z_firmwarenuc_11_pro_kit_nuc11tnhi30znuc_11_pro_kit_nuc11tnhi30p_firmwarenuc_11_pro_kit_nuc11tnhi30lnuc_11_pro_board_nuc11tnbi70znuc_11_pro_kit_nuc11tnhi70qnuc_11_pro_kit_nuc11tnhi30pnuc_11_pro_board_nuc11tnbi50z_firmwarenuc_11_pro_kit_nuc11tnhi7_firmwarenuc_11_pro_kit_nuc11tnhi70z_firmwarenuc_11_pro_kit_nuc11tnki30znuc_11_pro_kit_nuc11tnhi30z_firmwarenuc_11_pro_kit_nuc11tnhi50l_firmwarenuc_11_pro_kit_nuc11tnhi5nuc_11_pro_kit_nuc11tnki5_firmwarenuc_11_pro_kit_nuc11tnhi70znuc_11_pro_kit_nuc11tnhi50wnuc_11_pro_kit_nuc11tnki50z_firmwarenuc_11_pro_kit_nuc11tnki50znuc_11_pro_kit_nuc11tnhi70q_firmwarenuc_11_pro_kit_nuc11tnki5nuc_11_pro_board_nuc11tnbi30znuc_11_pro_kit_nuc11tnki30z_firmwarenuc_11_pro_kit_nuc11tnhi7nuc_11_pro_kit_nuc11tnki7_firmwarenuc_11_pro_kit_nuc11tnhi50z_firmwarenuc_11_pro_board_nuc11tnbi5_firmwarenuc_11_pro_kit_nuc11tnhi50lnuc_11_pro_kit_nuc11tnki7nuc_11_pro_board_nuc11tnbi7nuc_11_pro_kit_nuc11tnhi50w_firmwarenuc_11_pro_kit_nuc11tnhi30l_firmwarenuc_11_pro_kit_nuc11tnki3nuc_11_pro_board_nuc11tnbi50znuc_11_pro_kit_nuc11tnhi70lnuc_11_pro_kit_nuc11tnhi50znuc_11_pro_kit_nuc11tnki70z_firmwarenuc_11_pro_board_nuc11tnbi3_firmwareIntel(R) NUCsintel_r_nucs
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29495
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.78%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-09 May, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_mainstream-g_kit_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0094
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 40.60%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0157
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.01%
||
7 Day CHG~0.00%
Published-13 Jun, 2019 | 15:36
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel Corporation
Product-software_guard_extensions_data_center_attestation_primitiveslinux_kernelsoftware_guard_extensionsIntel(R) SGX for Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0168
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 34.86%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwaretrusted_execution_engine_firmwareIntel(R) CSME, Intel(R) TXE
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0097
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.34% / 56.05%
||
7 Day CHG-0.02%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0147
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.32%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:23
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_x710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_710-bm1ethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xxv710-am1ethernet_controller_x710-bm2ethernet_controller_xxv710-am2_firmwareethernet_700_series_softwareethernet_controller_x710-at2ethernet_controller_710-bm1_firmwareethernet_controller_x710-tm42019.2 IPU – Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28743
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.23%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version QN0073 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_9_pro_kit_nuc9v7qnbnuc_9_pro_compute_element_nuc9v7qnbnuc_9_pro_compute_element_nuc9v7qnxnuc_9_pro_compute_element_nuc9v7qnb_firmwarenuc_9_pro_kit_nuc9v7qnx_firmwarenuc_9_pro_kit_nuc9v7qnb_firmwarenuc_pro_compute_element_nuc9v7qnx_firmwarenuc_9_pro_kit_nuc9v7qnxIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0092
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.14% / 34.73%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-active_management_technology_firmwareIntel(R) Active Management Technology (AMT)
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0115
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 32.05%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 15:41
Updated-04 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driverIntel(R) Graphics Driver KMD module
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0163
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.80%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 17:03
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in system firmware for Intel(R) Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-i5-5350u_firmwarei5-5350uIntel(R) NUC Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2019-0165
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.13% / 33.81%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 21:08
Updated-04 Aug, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-converged_security_management_engine_firmwareIntel(R) CSME
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28738
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-21 Oct, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc7cjyhn_firmwarenuc_kit_nuc7cjysalnuc_kit_nuc7cjyhnuc_kit_nuc7cjyh_firmwarenuc_kit_nuc7cjyhnnuc_kit_nuc7pjyh_firmwarenuc_kit_nuc7cjysal_firmwarenuc_kit_nuc7pjyhn_firmwarenuc_kit_nuc7pjyhnnuc_7_essential_nuc7cjysamnnuc_kit_nuc7pjyhnuc_7_essential_nuc7cjysamn_firmwareIntel NUC BIOS firmwareintel_nuc_bios_firmware
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28374
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.09% / 25.93%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesswi-fi_6e_ax211killerkiller_wi-fi_6e_ax1675wi-fi_6e_ax411proset_wi-fi_6e_ax210Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28402
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.26%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 20:47
Updated-21 Aug, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-Intel(R) BIOS Guard firmwarecomet_lake
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14566
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 16:46
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Action-Not Available
Vendor-Linux Kernel Organization, IncIntel CorporationMicrosoft Corporation
Product-windowssoftware_guard_extensions_sdklinux_kernel2019.2 IPU – Intel(R) SGX
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27519
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.05% / 13.89%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-11 Jun, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-optane_memory_h20_with_solid_state_storageoptane_ssd_dc_p4800x_firmwareoptane_ssd_dc_p4801x_firmwareoptane_ssd_905poptane_ssd_900poptane_ssd_dc_p4801xoptane_memory_h20_with_solid_state_storage_firmwareoptane_ssd_dc_p4800xoptane_ssd_905p_firmwareoptane_ssd_900p_firmwareIntel(R) Optane(TM) SSD products
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25772
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.05% / 16.85%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:40
Updated-24 Jan, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-retail_edge_programIntel(R) Retail Edge Mobile Android application
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25776
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.06% / 19.90%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-27 Jan, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_system_d50tnp1mhcpacserver_system_d50tnp2mhsvac_firmwareserver_system_m50cyp2ur312_firmwareserver_system_d50tnp2mhsvacserver_system_d50tnp1mhcrac_firmwareserver_system_d50tnp2mhstacserver_system_d50tnp2mfalacserver_system_m50cyp2ur208server_system_d50tnp1mhcrlc_firmwareserver_system_m50cyp1ur212_firmwareserver_system_m50cyp2ur208_firmwareserver_system_m50cyp2ur312server_system_m50cyp1ur204_firmwareserver_system_d50tnp1mhcracserver_system_d50tnp1mhcrlcserver_system_d50tnp2mhstac_firmwareserver_system_m50cyp1ur204server_system_d50tnp1mhcpac_firmwareserver_system_d50tnp2mfalac_firmwareserver_system_m50cyp1ur212Intel(R) Server Board BMC firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25951
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.07% / 20.55%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:37
Updated-29 Oct, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-killer_wi-fi_6e_ax1690proset\/wirelesswi-fi_6e_ax211killerkiller_wi-fi_6e_ax1675wi-fi_6e_ax411proset_wi-fi_6e_ax210Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi softwareproset\/wirelesskiller_wifi_software
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found