Intel Intel

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Intel product.

RSS Feeds for Intel security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Intel products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Intel Sorted by Most Security Vulnerabilities since 2018

Intel Graphics Driver52 vulnerabilities

Intel Quartus Prime32 vulnerabilities

Intel Data Center Manager31 vulnerabilities

Intel Thunderbolt Dch Driver25 vulnerabilities

Intel Driver Support Assistant22 vulnerabilities

Known Exploited Intel Vulnerabilities

The following Intel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service.
CVE-2015-2291 Exploit Probability: 3.4%
February 10, 2023
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit Intel products contain a vulnerability which can allow attackers to perform privilege escalation.
CVE-2017-5689 Exploit Probability: 94.3%
January 28, 2022

The vulnerability CVE-2017-5689: Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit is in the top 1% of the currently known exploitable vulnerabilities.

By the Year

In 2025 there have been 0 vulnerabilities in Intel. Last year, in 2024 Intel had 148 security vulnerabilities published. Right now, Intel is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 148 6.91
2023 182 7.18
2022 121 6.98
2021 52 7.13
2020 114 6.92
2019 150 6.54
2018 72 6.65

It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Intel Security Vulnerabilities

Intel(R) SDP Tool for Windows: Privilege Escalation via Incorrect Default Permissions

CVE-2024-35201 7.8 - High - November 13, 2024

Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access.

Incorrect Default Permissions

Intel(R) Quartus(R) Prime Pro Edition: Uncontrolled Search Path Privilege Escalation Vulnerability

CVE-2024-38383 7.8 - High - November 13, 2024

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel(R) CIP Software Insecure Inherited Permissions Privilege Escalation Vulnerability

CVE-2024-36276 7.8 - High - November 13, 2024

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Intel(R) CIP Software Privilege Escalation Vulnerability

CVE-2024-36482 6.7 - Medium - November 13, 2024

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper Input Validation

Intel VROC Software Privilege Escalation Vulnerability

CVE-2024-29079 7.8 - High - November 13, 2024

Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Insufficient Control Flow Management

Intel(R) Xeon(R) Processor Family (E-Core) SPP Protection Mechanism Failure Privilege Escalation Vul

CVE-2024-38660 - November 13, 2024

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access.

Protection Mechanism Failure

Intel(R) Distribution of OpenVINO(TM) Model Server: Improper Input Validation Vulnerability

CVE-2024-32048 - November 13, 2024

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Improper Input Validation

Intel Server Board M70KLP UEFI Firmware Privilege Escalation Vulnerability

CVE-2024-39609 6.7 - Medium - November 13, 2024

Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.

Authorization

Intel(R) SDP Tool for Windows: Uncontrolled Search Path Privilege Escalation Vulnerability

CVE-2024-36253 7.8 - High - November 13, 2024

Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel(R) oneAPI Math Kernel Library: Uncontrolled Search Path Privilege Escalation Vulnerability

CVE-2024-28950 - November 13, 2024

Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel(R) DSA Software Insecure Inherited Permissions Privilege Escalation Vulnerability

CVE-2024-36294 7.8 - High - November 13, 2024

Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Intel Server Board M10JNP2SB Family UEFI Firmware Privilege Escalation Vulnerability

CVE-2024-41167 6.7 - Medium - November 13, 2024

Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.

Intel(R) DSA Improper Access Control Privilege Escalation Vulnerability

CVE-2024-36488 7.8 - High - November 13, 2024

Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.

Authorization

Intel(R) Xeon(R) Processors UEFI Firmware Control Flow Management Vulnerability

CVE-2024-25565 - November 13, 2024

Insufficient control flow management in UEFI firmware for some Intel(R) Xeon(R) Processors may allow an authenticated user to enable denial of service via local access.

Insufficient Control Flow Management

Intel(R) Graphics Driver: Uncontrolled Search Path Vulnerability

CVE-2024-38387 - November 13, 2024

Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel Graphics Drivers: Out-of-Bounds Write Privilege Escalation Vulnerability

CVE-2024-38665 - November 13, 2024

Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.

Memory Corruption

Intel VROC Software: Improper Input Validation Denial of Service Vulnerability

CVE-2024-32485 5.5 - Medium - November 13, 2024

Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access.

Improper Input Validation

Intel(R) Quartus(R) Prime Standard Edition: Uncontrolled Search Path Privilege Escalation Vulnerabil

CVE-2024-38668 7.8 - High - November 13, 2024

Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel(R) VTune(TM) Profiler: Improper Input Validation Vulnerability

CVE-2024-37027 - November 13, 2024

Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access.

Improper Input Validation

Intel SGX SDK: Out-of-Bounds Write Privilege Escalation Vulnerability

CVE-2024-34776 - November 13, 2024

Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access.

Memory Corruption

Intel Graphics Drivers: Improper Buffer Restrictions Leading to Denial of Service

CVE-2024-34170 - November 13, 2024

Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.

DEPRECATED: Improper Sanitization of Custom Special Characters

Intel VTune Profiler Uncontrolled Search Path Element Privilege Escalation Vulnerability

CVE-2024-36245 - November 13, 2024

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Intel(R) Distribution for Python: Incorrect Default Permissions Leading to Privilege Escalation

CVE-2024-29083 - November 13, 2024

Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Default Permissions

Intel Graphics Drivers: Untrusted Pointer Dereference Privilege Escalation Vulnerability

CVE-2024-34023 - November 13, 2024

Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.

Untrusted Pointer Dereference

Improper access control in Intel(R) RAID Web Console all versions may

CVE-2024-28170 5.5 - Medium - September 16, 2024

Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access.

Authorization

NULL pointer dereference in Intel(R) RAID Web Console software for all versions may

CVE-2024-32666 5.5 - Medium - September 16, 2024

NULL pointer dereference in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via local access.

NULL Pointer Dereference

Improper access control in Intel(R) RAID Web Console software for all versions may

CVE-2024-34543 7.8 - High - September 16, 2024

Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Authorization

Uncaught exception in Intel(R) RAID Web Console software all versions may

CVE-2024-33848 5.5 - Medium - September 16, 2024

Uncaught exception in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via local access.

Uncaught Exception

Improper input validation in some Intel(R) RAID Web Console software all versions may

CVE-2024-34545 5.7 - Medium - September 16, 2024

Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access.

Improper access control in Intel(R) RAID Web Console software for all versions may

CVE-2024-32940 5.7 - Medium - September 16, 2024

Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via adjacent access.

Authorization

Improper access control in Intel(R) RAID Web Console software all versions may

CVE-2024-36261 5.7 - Medium - September 16, 2024

Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access.

Authorization

Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may

CVE-2024-34153 7.8 - High - September 16, 2024

Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper access control in Intel(R) RAID Web Console all versions may

CVE-2024-36247 5.7 - Medium - September 16, 2024

Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access.

Authorization

Improper access control for some Intel(R) CIP software before version 2.4.10717 may

CVE-2023-43489 5.5 - Medium - August 14, 2024

Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access.

improper access control in firmware for some Intel(R) FPGA products before version 24.1 may

CVE-2024-25576 7.9 - High - August 14, 2024

improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access.

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may

CVE-2024-28887 7.8 - High - August 14, 2024

Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may

CVE-2024-28947 8.2 - High - August 14, 2024

Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may

CVE-2024-25561 7.8 - High - August 14, 2024

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may

CVE-2024-39283 7.8 - High - August 14, 2024

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may

CVE-2024-23489 7.3 - High - August 14, 2024

Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may

CVE-2024-29015 7.8 - High - August 14, 2024

Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may

CVE-2024-23907 7.8 - High - August 14, 2024

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may

CVE-2024-23499 7.5 - High - August 14, 2024

Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access.

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may

CVE-2024-23497 8.8 - High - August 14, 2024

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Memory Corruption

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may

CVE-2024-24977 7.8 - High - August 14, 2024

Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may

CVE-2024-24986 8.8 - High - August 14, 2024

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may

CVE-2024-23909 7.8 - High - August 14, 2024

Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may

CVE-2024-23981 8.8 - High - August 14, 2024

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Calculation

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may

CVE-2024-23908 7.8 - High - August 14, 2024

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Incorrect Permission Assignment for Critical Resource

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may

CVE-2024-22184 7.8 - High - August 14, 2024

Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DLL preloading

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.