Skip to main content

Intel

1699 CVEs vendor

Monthly

CVE-2020-8747 CRITICAL Act Now

Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel Information Disclosure Active Management Technology Firmware +1
NVD
CVSS 3.1
9.1
EPSS
1.7%
CVE-2020-8746 MEDIUM This Month

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Integer Overflow Active Management Technology Firmware Cloud Backup
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-8745 MEDIUM PATCH This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Converged Security And Manageability Engine Trusted Execution Technology Simatic Drive Controller Firmware +19
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-8744 HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine Server Platform Services Trusted Execution Engine +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8740 MEDIUM This Month

Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Memory Corruption Bios +5
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-8739 HIGH This Week

Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios Aff Bios Fas Bios +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8738 MEDIUM This Month

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios Cloud Backup Fas Aff Bios +3
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8737 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Information Disclosure Quartus Prime Stratix 10 Fpga Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-8705 MEDIUM This Month

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine Trusted Execution Technology Server Platform Services
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2020-8698 MEDIUM This Month

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode Clustered Data Ontap Hci Compute Node Bios +14
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-8696 MEDIUM This Month

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode Clustered Data Ontap Hcl Compute Node Bios +4
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8695 MEDIUM This Month

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 8510Y Firmware Core I7 8500Y Firmware Core I5 8310Y Firmware +298
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8694 MEDIUM This Month

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Linux Intel Information Disclosure Core I7 8510Y Firmware Core I7 8500Y Firmware +297
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-8693 MEDIUM This Month

Improper buffer restrictions in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel V710 At2 Firmware X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8692 MEDIUM This Month

Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel V710 At2 Firmware X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8691 MEDIUM This Month

A logic issue in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel V710 At2 Firmware X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-8690 MEDIUM This Month

Protection mechanism failure in Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel V710 At2 Firmware X710 Tm4 Firmware +6
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8677 MEDIUM This Month

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Visual Compute Accelerator 2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-8676 MEDIUM This Month

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Visual Compute Accelerator 2 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-12356 MEDIUM This Month

Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure Active Management Technology Firmware Cloud Backup
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2020-12355 MEDIUM This Month

Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Trusted Execution Engine
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-12354 HIGH This Week

Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Microsoft Active Management Technology Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12322 MEDIUM PATCH This Month

Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Dual Band Wireless Ac 3168 Firmware Dual Band Wireless Ac 8260 Firmware Dual Band Wireless Ac 8265 Firmware +8
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-12321 HIGH PATCH This Week

Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Dual Band Wireless Ac 3168 Firmware Dual Band Wireless Ac 8260 Firmware Dual Band Wireless Ac 8265 Firmware +8
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-12319 MEDIUM PATCH This Month

Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-12318 HIGH PATCH This Week

Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Proset Wireless Wifi
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12317 MEDIUM PATCH This Month

Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-12314 MEDIUM PATCH This Month

Improper input validation in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-12312 MEDIUM This Month

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.2 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Quartus Prime Pro Stratix 10 Fpga Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-12311 MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-12310 MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-12309 MEDIUM This Month

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware Ssd Pro 5450S Firmware Ssd E 5100S Firmware +12
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2020-12308 MEDIUM This Month

Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Computing Improvement Program
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-12307 HIGH This Week

Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel High Definition Audio Driver
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12306 HIGH This Week

Incorrect default permissions in the Intel(R) RealSense(TM) D400 Series Dynamic Calibration Tool before version 2.11, may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Realsense D400 Series Dynamic Calibration Tool
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12304 HIGH This Week

Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft Dynamic Application Loader Software Developement Kit
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-12303 HIGH This Week

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Intel Memory Corruption Converged Security And Manageability Engine +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-12297 HIGH This Week

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft Converged Security And Manageability Engine Trusted Execution Technology
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0593 MEDIUM This Month

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-0592 MEDIUM This Month

Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Privilege Escalation Memory Corruption Intel +1
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-0591 MEDIUM This Month

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios Simatic Cpu 1518 4 Firmware Simatic Cpu 1518F 4 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-0590 HIGH PATCH This Week

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Xeon Bronze 3206R Firmware Xeon Gold 5218R Firmware Xeon Gold 5220R Firmware +134
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0588 MEDIUM This Month

Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-0587 MEDIUM This Month

Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-0584 MEDIUM PATCH This Month

Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Intel Ssd Dc P4800X Firmware Ssd Dc P4801X Firmware +2
NVD
CVSS 3.1
6.2
EPSS
0.3%
CVE-2020-0575 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Unite Client for Windows* before version 4.2.13064 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Microsoft Information Disclosure Unite
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8353 MEDIUM POC This Month

Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Lenovo Intel Information Disclosure Thinkcentre M80T Firmware Thinkcentre M80S Firmware +12
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2020-7207 MEDIUM This Month

A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Apollo 2000 Firmware Apollo 4200 Gen10 Firmware Apollo 4500 Firmware +18
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2020-5939 HIGH This Week

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intel VMware Big Ip Access Policy Manager Big Ip Advanced Firewall Manager +12
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-8671 MEDIUM This Month

Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-12302 HIGH This Week

Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Driver Support Assistant
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0571 MEDIUM This Month

Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-24718 HIGH POC This Week

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Authentication Bypass Freebsd Omnios Openindiana +1
NVD GitHub
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-25602 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.14.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Intel Amd Xen Fedora +2
NVD
CVSS 3.1
6.0
EPSS
0.3%
CVE-2020-25596 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.14.x. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Amd Xen Fedora +2
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-24457 HIGH This Week

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel Information Disclosure Core I7 8665Ue Firmware +48
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2020-8758 CRITICAL Act Now

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Standard Manageability Active Management Technology Firmware Steelstore Cloud Integrated Storage
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-8720 MEDIUM This Month

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8689 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Inet Wireless Daemon
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-8688 HIGH PATCH This Week

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Microsoft Raid Web Console 3
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-8687 HIGH PATCH This Week

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Rste Software Raid
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8685 MEDIUM PATCH This Month

Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Intel Authentication Bypass Led Manager For Nuc
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-8684 MEDIUM PATCH This Month

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Acceleration Stack
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8683 MEDIUM PATCH This Month

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8682 MEDIUM PATCH This Month

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8681 HIGH PATCH This Week

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8680 HIGH PATCH This Week

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0).

Race Condition Privilege Escalation Intel Graphics Drivers
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-8679 MEDIUM PATCH This Month

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-12301 HIGH PATCH This Week

Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Wftr Firmware S2600Wf0R Firmware S2600Wfqr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12300 HIGH PATCH This Week

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Memory Corruption S2600Cw2 Firmware S2600Cw2S Firmware +21
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12299 HIGH PATCH This Week

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Stqr Firmware S2600Stbr Firmware S2600Bpsr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-0559 HIGH PATCH This Week

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Intel Microsoft Ac 3165 Firmware Ac 3168 Firmware +74
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0555 HIGH PATCH This Week

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Ax201 Firmware Ax200 Firmware Ac 9560 Firmware +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0554 HIGH PATCH This Week

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Privilege Escalation Intel Microsoft Ac 3165 Firmware +10
NVD
CVSS 3.1
7.0
EPSS
0.9%
CVE-2020-0553 MEDIUM PATCH This Month

Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Buffer Overflow Intel Microsoft Information Disclosure Ac 3165 Firmware +10
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-0513 HIGH PATCH This Week

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0512 MEDIUM PATCH This Month

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-0510 HIGH PATCH This Week

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Privilege Escalation Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8763 HIGH PATCH This Week

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Intel Privilege Escalation Microsoft Realsense D415 Firmware Realsense D435 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8759 MEDIUM PATCH This Month

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Ssd Data Center Tool
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8743 HIGH This Week

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Mailbox Interface Driver
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8742 MEDIUM PATCH This Month

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc8I7Behga Firmware Nuc8I7Bekqa Firmware Nuc8I3Behfa Firmware +70
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8736 HIGH This Week

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Computing Improvement Program
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8733 MEDIUM PATCH This Month

Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8732 HIGH This Week

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Memory Corruption Server Board S2600Wt Firmware +17
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8731 HIGH This Week

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-8730 HIGH This Week

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Memory Corruption Server Board S2600Wt Firmware +17
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-8729 HIGH This Week

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8723 MEDIUM This Month

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-8722 HIGH This Week

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.2
EPSS
0.4%
EPSS 2% CVSS 9.1
CRITICAL Act Now

Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Integer Overflow +2
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Converged Security And Manageability Engine +21
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine +5
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios +5
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios +5
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Information Disclosure +2
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Converged Security And Manageability Engine +2
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode +16
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Microcode +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Core I7 8510Y Firmware +300
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Linux Intel Information Disclosure +299
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper buffer restrictions in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel +8
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel +8
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A logic issue in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel +8
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Protection mechanism failure in Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel +8
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Visual Compute Accelerator 2 Firmware
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Visual Compute Accelerator 2 Firmware
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure +2
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Microsoft +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Dual Band Wireless Ac 3168 Firmware +10
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Intel Dual Band Wireless Ac 3168 Firmware +10
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Proset Wireless Wifi
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper input validation in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Proset Wireless Wifi
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.2 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Quartus Prime Pro +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware +14
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware +14
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Ssd Pro 6000P Firmware +14
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Computing Improvement Program
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel High Definition Audio Driver
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect default permissions in the Intel(R) RealSense(TM) D400 Series Dynamic Calibration Tool before version 2.11, may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Realsense D400 Series Dynamic Calibration Tool
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Intel +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Microsoft +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Xeon Bronze 3206R Firmware +136
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Bios
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Intel +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Unite Client for Windows* before version 4.2.13064 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Microsoft Information Disclosure +1
NVD
EPSS 1% CVSS 6.7
MEDIUM POC This Month

Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Lenovo Intel Information Disclosure +14
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Intel Information Disclosure Apollo 2000 Firmware +20
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intel VMware +14
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Driver Support Assistant
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Bios
NVD
EPSS 1% CVSS 8.2
HIGH POC This Week

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Authentication Bypass Freebsd +3
NVD GitHub
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.14.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Intel Amd +4
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.14.x. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Amd +4
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Intel +50
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Standard Manageability +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel +18
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Inet Wireless Daemon
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Rste Software Raid
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Intel Authentication Bypass +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Acceleration Stack
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Intel +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0).

Race Condition Privilege Escalation Intel +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Intel +2
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Wftr Firmware +7
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Memory Corruption +23
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Stqr Firmware +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Intel Microsoft +76
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Ax201 Firmware +10
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Privilege Escalation Intel +12
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Buffer Overflow Intel Microsoft +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Privilege Escalation Intel +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Intel Privilege Escalation Microsoft +3
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Ssd Data Center Tool
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Mailbox Interface Driver
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc8I7Behga Firmware +72
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Computing Improvement Program
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel +19
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware +17
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel +19
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel +18
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Privilege Escalation Intel +18
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel +18
NVD
Prev Page 13 of 19 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy