Skip to main content

Privilege Escalation

auth HIGH

Privilege escalation occurs when an attacker leverages flaws in access control mechanisms to gain permissions beyond what they were originally granted.

How It Works

Privilege escalation occurs when an attacker leverages flaws in access control mechanisms to gain permissions beyond what they were originally granted. The attack exploits the gap between what the system thinks a user can do and what they actually can do through manipulation or exploitation.

Vertical escalation is the classic form—a regular user obtaining administrator rights. This happens through kernel exploits that bypass OS-level security, misconfigurations in role-based access control (RBAC) that fail to enforce boundaries, or direct manipulation of authorization tokens and session data. Horizontal escalation involves accessing resources belonging to users at the same privilege level, typically through insecure direct object references (IDOR) where changing an ID in a request grants access to another user's data.

Context-dependent escalation exploits workflow logic by skipping authorization checkpoints. An attacker might access administrative URLs directly without going through proper authentication flows, manipulate parameters to bypass permission checks, or exploit REST API endpoints that don't validate method permissions—like a read-only GET permission that can be leveraged for write operations through protocol upgrades or alternative endpoints.

Impact

  • Full system compromise through kernel-level exploits granting root or SYSTEM privileges
  • Administrative control over applications, allowing configuration changes, user management, and deployment of malicious code
  • Lateral movement across cloud infrastructure, containers, or network segments using escalated service account permissions
  • Data exfiltration by accessing databases, file systems, or API endpoints restricted to higher privilege levels
  • Persistence establishment through creation of backdoor accounts or modification of system configurations

Real-World Examples

Kubernetes clusters have been compromised through kubelet API misconfigurations where read-only GET permissions on worker nodes could be escalated to remote code execution. Attackers upgraded HTTP connections to WebSockets to access the /exec endpoint, gaining shell access to all pods on the node. This affected over 69 Helm charts including widely-deployed monitoring tools like Prometheus, Grafana, and Datadog agents.

Windows Print Spooler vulnerabilities (PrintNightmare class) allowed authenticated users to execute arbitrary code with SYSTEM privileges by exploiting improper privilege checks in the print service. Attackers loaded malicious DLLs through carefully crafted print jobs, escalating from low-privilege user accounts to full domain administrator access.

Cloud metadata services have been exploited where SSRF vulnerabilities combined with over-permissioned IAM roles allowed attackers to retrieve temporary credentials with elevated permissions, pivoting from compromised web applications to broader cloud infrastructure access.

Mitigation

  • Enforce deny-by-default access control where permissions must be explicitly granted rather than implicitly allowed
  • Implement consistent authorization checks at every layer—API gateway, application logic, and data access—never relying on client-side or single-point validation
  • Apply principle of least privilege with time-limited, scope-restricted permissions and just-in-time access for administrative functions
  • Audit permission inheritance and role assignments regularly to identify overly permissive configurations or privilege creep
  • Separate execution contexts using containers, sandboxes, or capability-based security to limit blast radius
  • Deploy runtime monitoring for unusual privilege usage patterns and anomalous access to restricted resources

Recent CVEs (13302)

EPSS 0% CVSS 8.8
HIGH This Week

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 101.2.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress PHP Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.23.20.04. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zte Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Authentication Bypass +2
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in imonnit.com (2025-04-24) allowing malicious actors to gain escalated privileges via crafted password reset to take over arbitrary user accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Imonnit
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

OneUptime is a solution for monitoring and managing online services. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Privilege Escalation Oneuptime
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when processing requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Project Contract Management
NVD GitHub
EPSS 0% CVSS 8.6
HIGH This Week

Primakon Pi Portal 1.0.18 REST /api/v2/user/register endpoint suffers from a Broken Access Control vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Project Contract Management
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

The Primakon Pi Portal 1.0.18 /api/V2/pp_users?email endpoint is used for user data filtering but lacks proper server-side validation against the authenticated session. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Project Contract Management
NVD GitHub
EPSS 0% CVSS 8.0
HIGH This Week

NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +3
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Privilege Escalation +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The EduKart Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

OpenBao is an open source identity-based secrets management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Openbao Suse
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM This Month

Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity,. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Month

Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Amd Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Month

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Amd Privilege Escalation
NVD
EPSS 0% CVSS 1.8
LOW POC PATCH Monitor

Wazuh is a free and open source platform used for threat prevention, detection, and response. Rated low severity (CVSS 1.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Wazuh
NVD GitHub
EPSS 0% CVSS 7.7
HIGH POC PATCH This Month

Wazuh is a free and open source platform used for threat prevention, detection, and response. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable. Public exploit code available.

RCE Privilege Escalation Wazuh
NVD GitHub
EPSS 0% CVSS 10.0
CRITICAL PATCH This Week

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Grafana Privilege Escalation Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'rp_save_property_settings'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Privilege Escalation +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The installation directory of LogStare Collector is configured with incorrect access permissions. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Logstare Collector
NVD
EPSS 0% CVSS 8.7
HIGH This Month

SOPlanning is vulnerable to Privilege Escalation in user management tab. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Soplanning
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Privilege Escalation +2
NVD GitHub
EPSS 0% CVSS 8.7
HIGH POC PATCH This Week

WBCE CMS is a content management system. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP Privilege Escalation Wbce Cms
NVD GitHub
EPSS 0% CVSS 8.5
HIGH POC This Week

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\\F2MAdmin\\F2E with overly permissive file system permissions. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Privilege Escalation Fax Server +2
NVD
EPSS 0% CVSS 8.5
HIGH POC This Week

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Microsoft Privilege Escalation +4
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

XWiki AdminTools integrates administrative tools for managing a running XWiki instance. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
EPSS 0% CVSS 6.0
MEDIUM This Month

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS. Rated low severity (CVSS 1.9). No vendor patch available.

Fortinet Privilege Escalation Fortiproxy +2
NVD VulDB
EPSS 0% CVSS 7.3
HIGH POC This Month

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs (such as LSTAR) as an unprivileged user. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Serv U +1
NVD
EPSS 0% CVSS 3.2
LOW Monitor

The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation
NVD
EPSS 0% CVSS 8.7
HIGH This Month

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIO_USH_ADD_RECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Privilege Escalation
NVD
EPSS 0% CVSS 8.5
HIGH This Month

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Log Server
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in libvirt. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Privilege Escalation
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Quick Cms
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Privilege Escalation Alienware Command Center
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Catalyst Center
NVD
EPSS 0% CVSS 8.1
HIGH This Month

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Meeting Software Development Kit +1
NVD
EPSS 0% CVSS 8.1
HIGH This Month

Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Meeting Software Development Kit +2
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Rated high severity (CVSS 7.5). No vendor patch available.

Jwt Attack Microsoft Privilege Escalation +2
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The LifterLMS - WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 7.0
HIGH This Month

An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation App Store
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation
NVD
EPSS 0% CVSS 7.0
HIGH This Month

The Datadog Agent collects events and metrics from hosts and sends them to Datadog. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Python Microsoft Kubernetes +3
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Month

A flaw was found in the Observability Operator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Kubernetes Privilege Escalation Red Hat
NVD
EPSS 0% CVSS 7.3
HIGH This Month

CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured.

Privilege Escalation
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Suse
NVD
EPSS 0% CVSS 8.5
HIGH This Month

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.5
HIGH This Month

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows 10 1607 +13
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for the Intel MPI Library before version 2021.16 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 7.1
HIGH This Month

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Rated high severity (CVSS 7.1). No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Month

Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Quickassist Technology
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Quickassist Technology
NVD
EPSS 0% CVSS 8.4
HIGH This Month

Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some FPGA Support Package for the Intel oneAPI DPC++C++ Compiler software before version 2025.0.1 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some Intel(R) Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for the Instrumentation and Tracing Technology API (ITT API) software before version 3.25.4 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Graphics Software before version 25.22.1502.2 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some System Event Log Viewer Utility software for all versions within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 4.8
MEDIUM Monitor

Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation Quickassist Technology
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel RCE Privilege Escalation
NVD
EPSS 0% CVSS 8.3
HIGH This Month

Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Python Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Month

Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. Rated high severity (CVSS 7.3). No vendor patch available.

Buffer Overflow Intel Microsoft +4
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel RCE Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper link resolution before file access ('link following') for some Intel(R) Server Configuration Utility software and Intel(R) Server Firmware Update Utility software before version 16.0.12. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Information Disclosure Privilege Escalation +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.

File Upload Intel Privilege Escalation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.3). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for the Intel(R) System Support Utility before version 4.1.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel RCE Privilege Escalation
NVD
EPSS 0% CVSS 7.7
HIGH This Month

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Privilege Escalation Computing Improvement Program
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Buffer Overflow Microsoft +3
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Killer(TM) Performance Suite software before version killer 4.0 40.25.509.1465 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Privilege Escalation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel RCE Privilege Escalation
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Intel Privilege Escalation Computing Improvement Program
NVD
Prev Page 20 of 148 Next

Quick Facts

Typical Severity
HIGH
Category
auth
Total CVEs
13302

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy