Intel
Products by Intel Sorted by Most Security Vulnerabilities since 2018
@intel Tweets

Thu Mar 16 15:30:43 +0000 2023
By the Year
In 2023 there have been 54 vulnerabilities in Intel with an average score of 7.2 out of ten. Last year Intel had 101 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Intel in 2023 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2023 is greater by 0.22.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 54 | 7.19 |
2022 | 101 | 6.97 |
2021 | 49 | 7.18 |
2020 | 114 | 6.92 |
2019 | 150 | 6.54 |
2018 | 72 | 6.65 |
It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Intel Security Vulnerabilities
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may
CVE-2022-36287
4.3 - Medium
- February 16, 2023
Uncaught exception in the FCS Server software maintained by Intel before version 1.1.79.3 may allow a privileged user to potentially enable denial of service via physical access.
Improper Handling of Exceptional Conditions
Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may
CVE-2022-41614
5.5 - Medium
- February 16, 2023
Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insufficiently Protected Credentials
Improper access control in the Intel(R) OFU software before version 14.1.28 may
CVE-2021-33104
5.5 - Medium
- February 16, 2023
Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access.
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may
CVE-2022-21163
7.8 - High
- February 16, 2023
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may
CVE-2022-27234
6.5 - Medium
- February 16, 2023
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
XSPA
Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may
CVE-2022-36369
7.8 - High
- February 16, 2023
Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may
CVE-2022-36397
7.8 - High
- February 16, 2023
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may
CVE-2022-37340
7.3 - High
- February 16, 2023
Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may
CVE-2022-38056
5.3 - Medium
- February 16, 2023
Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access.
Uncontrolled search path in some Intel(R) Network Adapter installer software may
CVE-2022-41314
7.8 - High
- February 16, 2023
Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may
CVE-2022-32575
7.8 - High
- February 16, 2023
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may
CVE-2022-34843
7.8 - High
- February 16, 2023
Integer overflow in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Integer Overflow or Wraparound
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may
CVE-2022-34864
7.8 - High
- February 16, 2023
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Out-of-bounds Read
Improper access control in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-29514
9.8 - Critical
- February 16, 2023
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-30692
7.5 - High
- February 16, 2023
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access.
Improper Check for Unusual or Exceptional Conditions
Improper access control in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-31476
5.5 - Medium
- February 16, 2023
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-32971
7.2 - High
- February 16, 2023
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.
authentification
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-33190
7.8 - High
- February 16, 2023
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Input Validation
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-33946
7.8 - High
- February 16, 2023
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
authentification
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-33964
9.8 - Critical
- February 16, 2023
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Improper Input Validation
Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may
CVE-2022-34346
7.8 - High
- February 16, 2023
Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Out-of-bounds Read
Improper access control in the Intel(R) SUR software before version 2.4.8902 may
CVE-2022-34854
7.8 - High
- February 16, 2023
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may
CVE-2022-35883
5.5 - Medium
- February 16, 2023
NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.
NULL Pointer Dereference
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may
CVE-2022-36289
5.5 - Medium
- February 16, 2023
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access.
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may
CVE-2022-27170
7.8 - High
- February 16, 2023
Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may
CVE-2022-34841
7.8 - High
- February 16, 2023
Improper buffer restrictions in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Buffer Overflow
Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-26888
4.1 - Medium
- February 16, 2023
Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access.
XSS
Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may
CVE-2022-30339
4.4 - Medium
- February 16, 2023
Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.
Out-of-bounds Read
Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-32570
7.8 - High
- February 16, 2023
Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
authentification
Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may
CVE-2022-34157
7.8 - High
- February 16, 2023
Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may
CVE-2022-36348
7.8 - High
- February 16, 2023
Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may
CVE-2022-36794
4.4 - Medium
- February 16, 2023
Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
Improper Check for Unusual or Exceptional Conditions
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may
CVE-2022-37329
7.3 - High
- February 16, 2023
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may
CVE-2022-30530
7.8 - High
- February 16, 2023
Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may
CVE-2022-32764
7 - High
- February 16, 2023
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.
Race Condition
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may
CVE-2022-34153
7.8 - High
- February 16, 2023
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Initialization
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may
CVE-2022-36278
7.8 - High
- February 16, 2023
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Always-Incorrect Control Flow Implementation
Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may
CVE-2022-36398
7.8 - High
- February 16, 2023
Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may
CVE-2022-25905
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may
CVE-2022-25992
7.8 - High
- February 16, 2023
Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may
CVE-2022-26032
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may
CVE-2022-26052
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may
CVE-2022-26062
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may
CVE-2022-26076
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may
CVE-2022-26345
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may
CVE-2022-26421
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may
CVE-2022-26425
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may
CVE-2022-26512
7.3 - High
- February 16, 2023
Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-26840
7.8 - High
- February 16, 2023
Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-33892
7.8 - High
- February 16, 2023
Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Directory traversal
Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-33902
7.8 - High
- February 16, 2023
Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may
CVE-2022-38136
7.3 - High
- February 06, 2023
Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may
CVE-2022-40196
7.8 - High
- February 06, 2023
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may
CVE-2022-41342
7.8 - High
- February 06, 2023
Improper buffer restrictions in the Intel(R) C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Buffer Overflow
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may
CVE-2022-26047
6.5 - Medium
- November 11, 2022
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.
Improper Input Validation
Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may
CVE-2022-26341
8.8 - High
- November 11, 2022
Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.
Insufficiently Protected Credentials
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may
CVE-2021-33159
6.7 - Medium
- November 11, 2022
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.
authentification
Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may
CVE-2022-26028
7.3 - High
- November 11, 2022
Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may
CVE-2022-26086
7.3 - High
- November 11, 2022
Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may
CVE-2021-26251
6.5 - Medium
- November 11, 2022
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.
Improper Input Validation
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may
CVE-2022-26508
7.5 - High
- November 11, 2022
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.
authentification
Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may
CVE-2022-29486
9.8 - Critical
- November 11, 2022
Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Buffer Overflow
Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may
CVE-2022-29515
5.5 - Medium
- November 11, 2022
Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.
Memory Leak
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may
CVE-2022-29893
8.8 - High
- November 11, 2022
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.
authentification
Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may
CVE-2022-30297
7.8 - High
- November 11, 2022
Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.
XSS
Uncontrolled search path element in the Intel(R) Glorp software may
CVE-2022-30548
7.8 - High
- November 11, 2022
Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may
CVE-2022-30691
5.5 - Medium
- November 11, 2022
Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.
Resource Exhaustion
Protection mechanism failure in the Intel(R) DCM software before version 5.0 may
CVE-2022-33942
8.8 - High
- November 11, 2022
Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may
CVE-2022-26845
9.8 - Critical
- November 11, 2022
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
authentification
Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may
CVE-2022-27497
7.5 - High
- November 11, 2022
Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.
NULL Pointer Dereference
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may
CVE-2022-27499
4.4 - Medium
- November 11, 2022
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may
CVE-2022-27638
7.8 - High
- November 11, 2022
Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may
CVE-2022-29466
5.5 - Medium
- November 11, 2022
Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation
Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may
CVE-2022-36367
4.4 - Medium
- November 11, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.
Incorrect Default Permissions
Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may
CVE-2021-33064
7.8 - High
- November 11, 2022
Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may
CVE-2022-27187
7.8 - High
- November 11, 2022
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may
CVE-2022-27233
7.5 - High
- November 11, 2022
XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.
aka Blind XPath Injection
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may
CVE-2022-30944
5.5 - Medium
- August 18, 2022
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.
Insufficiently Protected Credentials
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may
CVE-2022-30601
9.8 - Critical
- August 18, 2022
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.
Insufficiently Protected Credentials
Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may
CVE-2022-28697
6.8 - Medium
- August 18, 2022
Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may
CVE-2022-21225
8 - High
- August 18, 2022
Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may
CVE-2022-22730
9.8 - Critical
- August 18, 2022
Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
authentification
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may
CVE-2022-21152
5.5 - Medium
- August 18, 2022
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may
CVE-2022-21148
7.8 - High
- August 18, 2022
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Privilege Management
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may
CVE-2022-25966
7.8 - High
- August 18, 2022
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Privilege Management
Improper access control in the Intel(R) Data Center Manager software before version 4.1 may
CVE-2022-23182
8.8 - High
- August 18, 2022
Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
AuthZ
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may
CVE-2021-44470
5.5 - Medium
- August 18, 2022
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access.
Incorrect Default Permissions
Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may
CVE-2022-24378
5.5 - Medium
- August 18, 2022
Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.
Improper Initialization
Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may
CVE-2022-23403
5.5 - Medium
- August 18, 2022
Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation
Improper access control in the Intel(R) HAXM software before version 7.7.1 may
CVE-2022-21812
7.8 - High
- August 18, 2022
Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
AuthZ
Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may
CVE-2022-30296
7.5 - High
- August 18, 2022
Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access.
Insufficiently Protected Credentials
Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may
CVE-2022-26844
7.8 - High
- August 18, 2022
Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
Insufficiently Protected Credentials
Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may
CVE-2022-29507
5.5 - Medium
- August 18, 2022
Insufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentially enable information disclosure via local access.
Insufficiently Protected Credentials
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may
CVE-2022-25899
9.8 - Critical
- August 18, 2022
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
AuthZ
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may
CVE-2022-25841
7.8 - High
- August 18, 2022
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may
CVE-2022-27500
5.5 - Medium
- August 18, 2022
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.
Incorrect Default Permissions
Improper access control in the Intel(R) DSA software for before version 22.2.14 may
CVE-2022-26017
8 - High
- August 18, 2022
Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
AuthZ
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may
CVE-2022-26344
7.8 - High
- August 18, 2022
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may
CVE-2022-26074
4.4 - Medium
- August 18, 2022
Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.
Insufficient Cleanup
Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may
CVE-2022-21807
7.8 - High
- August 18, 2022
Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading