Intel Intel

Do you want an email whenever new security vulnerabilities are reported in any Intel product?

Products by Intel Sorted by Most Security Vulnerabilities since 2018

Intel Graphics Driver50 vulnerabilities

Intel Data Center Manager23 vulnerabilities

Intel Quartus Prime22 vulnerabilities

Intel Core I5 10210y19 vulnerabilities

Intel Core I7 10510u19 vulnerabilities

Intel Core I7 10510y19 vulnerabilities

Intel Core I5 10310y19 vulnerabilities

Intel Core I7 10700k19 vulnerabilities

Intel Core I5 10210u19 vulnerabilities

Intel Core I7 1165g718 vulnerabilities

Intel Core I7 11850h18 vulnerabilities

Intel Core I9 11980hk18 vulnerabilities

Intel Core I7 10710u18 vulnerabilities

Intel Core I5 1145g7e18 vulnerabilities

Intel Core I7 7700k18 vulnerabilities

Intel Core I7 1160g718 vulnerabilities

Intel Core I5 1035g118 vulnerabilities

Intel Core I5 11500h18 vulnerabilities

Intel Xeon Bronze 310618 vulnerabilities

Intel Core I7 1185g7e18 vulnerabilities

Intel Core I7 11700kf18 vulnerabilities

Intel Core I5 11320h18 vulnerabilities

Intel Core I5 11400f18 vulnerabilities

Intel Core I5 1035g718 vulnerabilities

Intel Core I9 11900f18 vulnerabilities

Intel Core I9 11900h18 vulnerabilities

Intel Core I5 11400h18 vulnerabilities

Intel Core I5 11400t18 vulnerabilities

Intel Core I7 1060g718 vulnerabilities

Intel Xeon Bronze 310418 vulnerabilities

Intel Core I9 11950h18 vulnerabilities

Intel Core I7 11700k18 vulnerabilities

Intel Core I9 11900t18 vulnerabilities

Intel Core I5 11260h18 vulnerabilities

Intel Core I5 1130g718 vulnerabilities

Intel Core I5 11300h18 vulnerabilities

Intel Core I5 1135g718 vulnerabilities

Intel Core I9 11900k18 vulnerabilities

Intel Core I5 1150018 vulnerabilities

Intel Core I7 1185g718 vulnerabilities

Intel Core I7 1065g718 vulnerabilities

Intel Core I7 1180g718 vulnerabilities

Intel Core I5 11500t18 vulnerabilities

Intel Core I7 11700f18 vulnerabilities

Intel Core I5 1140g718 vulnerabilities

Intel Core I5 1155g718 vulnerabilities

Intel Core I7 11370h18 vulnerabilities

Intel Core I5 1035g418 vulnerabilities

Intel Core I5 1030g418 vulnerabilities

Intel Core I5 11600t18 vulnerabilities

Intel Core I7 11375h18 vulnerabilities

Intel Core I7 8665u18 vulnerabilities

Intel Core I9 11900kf18 vulnerabilities

Intel Core I7 1170018 vulnerabilities

Intel Core I5 1160018 vulnerabilities

Intel Core I7 11800h18 vulnerabilities

Intel Core I7 1185gre18 vulnerabilities

Intel Core I7 8565u18 vulnerabilities

Intel Core I5 11600k18 vulnerabilities

Intel Core I7 11700t18 vulnerabilities

Intel Core I5 1145g718 vulnerabilities

Intel Core I5 1145gre18 vulnerabilities

Intel Core I5 1030g718 vulnerabilities

Intel Core I7 11390h18 vulnerabilities

Intel Core I7 8500y18 vulnerabilities

Intel Core I7 1195g718 vulnerabilities

Intel Core I9 1190018 vulnerabilities

Intel Core I5 1140018 vulnerabilities

Intel Core I5 11600kf18 vulnerabilities

Intel Core I9 1090017 vulnerabilities

Intel Core I9 10900f17 vulnerabilities

Intel Core I9 10900kf17 vulnerabilities

Intel Core I9 10900k17 vulnerabilities

Intel Core I7 10870h17 vulnerabilities

Intel Core I5 10400f17 vulnerabilities

Intel Core I5 1050017 vulnerabilities

Intel Core I5 10500te17 vulnerabilities

Intel Core I7 10875h17 vulnerabilities

Intel Core I5 10500t17 vulnerabilities

Intel Core I5 1050517 vulnerabilities

Intel Core I5 1060017 vulnerabilities

Intel Core I5 10600k17 vulnerabilities

Intel Core I5 10600kf17 vulnerabilities

Intel Core I9 10900te17 vulnerabilities

Intel Core I7 7740x17 vulnerabilities

Intel Core I7 10810u17 vulnerabilities

Intel Core I7 10700t17 vulnerabilities

Intel Core I7 10700kf17 vulnerabilities

Intel Core I7 10850h17 vulnerabilities

Intel Core I5 10200h17 vulnerabilities

Intel Core I9 10900t17 vulnerabilities

Intel Core I9 10980hk17 vulnerabilities

Intel Core I9 10850k17 vulnerabilities

Intel Core I9 10900e17 vulnerabilities

Intel Core I9 10885h17 vulnerabilities

Intel Core I7 11850he17 vulnerabilities

@intel Tweets

Live that #UnpluggedLife with #IntelEvo laptops long-lasting battery. Say goodbye to chargers holding you back... l… https://t.co/6ZbiuAe1FC
Thu Mar 16 15:30:43 +0000 2023

By the Year

In 2023 there have been 54 vulnerabilities in Intel with an average score of 7.2 out of ten. Last year Intel had 101 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Intel in 2023 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2023 is greater by 0.22.

Year Vulnerabilities Average Score
2023 54 7.19
2022 101 6.97
2021 49 7.18
2020 114 6.92
2019 150 6.54
2018 72 6.65

It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Intel Security Vulnerabilities

Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may

CVE-2022-36287 4.3 - Medium - February 16, 2023

Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may allow a privileged user to potentially enable denial of service via physical access.

Improper Handling of Exceptional Conditions

Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may

CVE-2022-41614 5.5 - Medium - February 16, 2023

Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access.

Insufficiently Protected Credentials

Improper access control in the Intel(R) OFU software before version 14.1.28 may

CVE-2021-33104 5.5 - Medium - February 16, 2023

Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access.

Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may

CVE-2022-21163 7.8 - High - February 16, 2023

Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.

Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may

CVE-2022-27234 6.5 - Medium - February 16, 2023

Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.

XSPA

Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may

CVE-2022-36369 7.8 - High - February 16, 2023

Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may

CVE-2022-36397 7.8 - High - February 16, 2023

Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may

CVE-2022-37340 7.3 - High - February 16, 2023

Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may

CVE-2022-38056 5.3 - Medium - February 16, 2023

Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.

Uncontrolled search path in some Intel(R) Network Adapter installer software may

CVE-2022-41314 7.8 - High - February 16, 2023

Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may

CVE-2022-32575 7.8 - High - February 16, 2023

Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Memory Corruption

Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may

CVE-2022-34843 7.8 - High - February 16, 2023

Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Integer Overflow or Wraparound

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may

CVE-2022-34864 7.8 - High - February 16, 2023

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Out-of-bounds Read

Improper access control in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-29514 9.8 - Critical - February 16, 2023

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-30692 7.5 - High - February 16, 2023

Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access.

Improper Check for Unusual or Exceptional Conditions

Improper access control in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-31476 5.5 - Medium - February 16, 2023

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-32971 7.2 - High - February 16, 2023

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.

authentification

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-33190 7.8 - High - February 16, 2023

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Input Validation

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-33946 7.8 - High - February 16, 2023

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

authentification

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-33964 9.8 - Critical - February 16, 2023

Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Improper Input Validation

Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may

CVE-2022-34346 7.8 - High - February 16, 2023

Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Out-of-bounds Read

Improper access control in the Intel(R) SUR software before version 2.4.8902 may

CVE-2022-34854 7.8 - High - February 16, 2023

Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.

NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may

CVE-2022-35883 5.5 - Medium - February 16, 2023

NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.

NULL Pointer Dereference

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may

CVE-2022-36289 5.5 - Medium - February 16, 2023

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may

CVE-2022-27170 7.8 - High - February 16, 2023

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may

CVE-2022-34841 7.8 - High - February 16, 2023

Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Buffer Overflow

Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-26888 4.1 - Medium - February 16, 2023

Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access.

XSS

Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may

CVE-2022-30339 4.4 - Medium - February 16, 2023

Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.

Out-of-bounds Read

Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-32570 7.8 - High - February 16, 2023

Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

authentification

Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may

CVE-2022-34157 7.8 - High - February 16, 2023

Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access.

Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may

CVE-2022-36348 7.8 - High - February 16, 2023

Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may

CVE-2022-36794 4.4 - Medium - February 16, 2023

Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.

Improper Check for Unusual or Exceptional Conditions

Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may

CVE-2022-37329 7.3 - High - February 16, 2023

Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may

CVE-2022-30530 7.8 - High - February 16, 2023

Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.

Description: Race condition in the Intel(R) DSA software before version 22.4.26 may

CVE-2022-32764 7 - High - February 16, 2023

Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.

Race Condition

Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may

CVE-2022-34153 7.8 - High - February 16, 2023

Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Initialization

Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may

CVE-2022-36278 7.8 - High - February 16, 2023

Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Always-Incorrect Control Flow Implementation

Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may

CVE-2022-36398 7.8 - High - February 16, 2023

Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may

CVE-2022-25905 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may

CVE-2022-25992 7.8 - High - February 16, 2023

Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may

CVE-2022-26032 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may

CVE-2022-26052 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may

CVE-2022-26062 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may

CVE-2022-26076 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may

CVE-2022-26345 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may

CVE-2022-26421 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may

CVE-2022-26425 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may

CVE-2022-26512 7.3 - High - February 16, 2023

Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-26840 7.8 - High - February 16, 2023

Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-33892 7.8 - High - February 16, 2023

Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Directory traversal

Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-33902 7.8 - High - February 16, 2023

Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may

CVE-2022-38136 7.3 - High - February 06, 2023

Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may

CVE-2022-40196 7.8 - High - February 06, 2023

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may

CVE-2022-41342 7.8 - High - February 06, 2023

Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Buffer Overflow

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may

CVE-2022-26047 6.5 - Medium - November 11, 2022

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.

Improper Input Validation

Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may

CVE-2022-26341 8.8 - High - November 11, 2022

Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.

Insufficiently Protected Credentials

Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may

CVE-2021-33159 6.7 - Medium - November 11, 2022

Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.

authentification

Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may

CVE-2022-26028 7.3 - High - November 11, 2022

Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may

CVE-2022-26086 7.3 - High - November 11, 2022

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may

CVE-2021-26251 6.5 - Medium - November 11, 2022

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.

Improper Input Validation

Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may

CVE-2022-26508 7.5 - High - November 11, 2022

Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.

authentification

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may

CVE-2022-29486 9.8 - Critical - November 11, 2022

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Buffer Overflow

Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may

CVE-2022-29515 5.5 - Medium - November 11, 2022

Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.

Memory Leak

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may

CVE-2022-29893 8.8 - High - November 11, 2022

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.

authentification

Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may

CVE-2022-30297 7.8 - High - November 11, 2022

Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.

XSS

Uncontrolled search path element in the Intel(R) Glorp software may

CVE-2022-30548 7.8 - High - November 11, 2022

Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may

CVE-2022-30691 5.5 - Medium - November 11, 2022

Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.

Resource Exhaustion

Protection mechanism failure in the Intel(R) DCM software before version 5.0 may

CVE-2022-33942 8.8 - High - November 11, 2022

Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may

CVE-2022-26845 9.8 - Critical - November 11, 2022

Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

authentification

Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may

CVE-2022-27497 7.5 - High - November 11, 2022

Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.

NULL Pointer Dereference

Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may

CVE-2022-27499 4.4 - Medium - November 11, 2022

Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.

Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may

CVE-2022-27638 7.8 - High - November 11, 2022

Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may

CVE-2022-29466 5.5 - Medium - November 11, 2022

Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.

Improper Input Validation

Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may

CVE-2022-36367 4.4 - Medium - November 11, 2022

Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.

Incorrect Default Permissions

Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may

CVE-2021-33064 7.8 - High - November 11, 2022

Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may

CVE-2022-27187 7.8 - High - November 11, 2022

Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may

CVE-2022-27233 7.5 - High - November 11, 2022

XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.

aka Blind XPath Injection

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may

CVE-2022-30944 5.5 - Medium - August 18, 2022

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.

Insufficiently Protected Credentials

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may

CVE-2022-30601 9.8 - Critical - August 18, 2022

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.

Insufficiently Protected Credentials

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may

CVE-2022-28697 6.8 - Medium - August 18, 2022

Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may

CVE-2022-21225 8 - High - August 18, 2022

Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may

CVE-2022-22730 9.8 - Critical - August 18, 2022

Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

authentification

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may

CVE-2022-21152 5.5 - Medium - August 18, 2022

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may

CVE-2022-21148 7.8 - High - August 18, 2022

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Privilege Management

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may

CVE-2022-25966 7.8 - High - August 18, 2022

Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Privilege Management

Improper access control in the Intel(R) Data Center Manager software before version 4.1 may

CVE-2022-23182 8.8 - High - August 18, 2022

Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

AuthZ

Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may

CVE-2021-44470 5.5 - Medium - August 18, 2022

Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access.

Incorrect Default Permissions

Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may

CVE-2022-24378 5.5 - Medium - August 18, 2022

Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.

Improper Initialization

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may

CVE-2022-23403 5.5 - Medium - August 18, 2022

Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.

Improper Input Validation

Improper access control in the Intel(R) HAXM software before version 7.7.1 may

CVE-2022-21812 7.8 - High - August 18, 2022

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

AuthZ

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may

CVE-2022-30296 7.5 - High - August 18, 2022

Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access.

Insufficiently Protected Credentials

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may

CVE-2022-26844 7.8 - High - August 18, 2022

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Insufficiently Protected Credentials

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may

CVE-2022-29507 5.5 - Medium - August 18, 2022

Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access.

Insufficiently Protected Credentials

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may

CVE-2022-25899 9.8 - Critical - August 18, 2022

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

AuthZ

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may

CVE-2022-25841 7.8 - High - August 18, 2022

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may

CVE-2022-27500 5.5 - Medium - August 18, 2022

Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.

Incorrect Default Permissions

Improper access control in the Intel(R) DSA software for before version 22.2.14 may

CVE-2022-26017 8 - High - August 18, 2022

Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

AuthZ

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may

CVE-2022-26344 7.8 - High - August 18, 2022

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may

CVE-2022-26074 4.4 - Medium - August 18, 2022

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.

Insufficient Cleanup

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may

CVE-2022-21807 7.8 - High - August 18, 2022

Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.