Intel
Products by Intel Sorted by Most Security Vulnerabilities since 2018
Known Exploited Intel Vulnerabilities
The following Intel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability | Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service. CVE-2015-2291 | February 10, 2023 |
| Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit | Intel products contain a vulnerability which can allow attackers to perform privilege escalation. CVE-2017-5689 | January 28, 2022 |
By the Year
In 2023 there have been 181 vulnerabilities in Intel with an average score of 7.2 out of ten. Last year Intel had 101 security vulnerabilities published. That is, 80 more vulnerabilities have already been reported in 2023 as compared to last year. However, the average CVE base score of the vulnerabilities in 2023 is greater by 0.21.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 181 | 7.18 |
| 2022 | 101 | 6.97 |
| 2021 | 52 | 7.13 |
| 2020 | 114 | 6.92 |
| 2019 | 150 | 6.54 |
| 2018 | 72 | 6.65 |
It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Intel Security Vulnerabilities
Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may
CVE-2023-27383
6.8 - Medium
- November 14, 2023
Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may
CVE-2023-27513
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may
CVE-2023-28388
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control for some Intel Unison software may
CVE-2022-41659
4.4 - Medium
- November 14, 2023
Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.
Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may
CVE-2023-22313
2.3 - Low
- November 14, 2023
Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.
Buffer Overflow
Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may
CVE-2023-24592
7.8 - High
- November 14, 2023
Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Directory traversal
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may
CVE-2023-25075
7.8 - High
- November 14, 2023
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Unquoted Search Path or Element
Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may
CVE-2023-25080
5.5 - Medium
- November 14, 2023
Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may
CVE-2022-33898
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may
CVE-2022-38786
7.8 - High
- November 14, 2023
Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper access control in some Intel In-Band Manageability software before version 3.0.14 may
CVE-2022-41689
7.8 - High
- November 14, 2023
Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may
CVE-2022-41700
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Protection mechanism failure in some Intel DCM software before version 5.2 may
CVE-2023-31273
9.8 - Critical
- November 14, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Improper Privilege Management
Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may
CVE-2023-32641
8.8 - High
- November 14, 2023
Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may
CVE-2023-32662
6.7 - Medium
- November 14, 2023
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may allow a privilaged user to potentially enable escalation of privilege via local access.
Improper access control in the Intel Support android application all verions may
CVE-2023-33872
5.5 - Medium
- November 14, 2023
Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access.
Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may
CVE-2023-34314
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may
CVE-2023-34350
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may
CVE-2023-34430
7.8 - High
- November 14, 2023
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may
CVE-2023-34997
7.8 - High
- November 14, 2023
Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may
CVE-2023-29504
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may
CVE-2023-31203
7.5 - High
- November 14, 2023
Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access.
Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may
CVE-2023-32279
7.5 - High
- November 14, 2023
Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access.
Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may
CVE-2023-32283
5.5 - Medium
- November 14, 2023
Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insertion of Sensitive Information into Log File
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may
CVE-2023-32638
7.8 - High
- November 14, 2023
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in the Intel Smart Campus android application before version 9.4 may
CVE-2023-38411
7.8 - High
- November 14, 2023
Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may
CVE-2023-39230
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Improper access control in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-29157
7.8 - High
- November 14, 2023
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-29161
7.8 - High
- November 14, 2023
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-32204
7.8 - High
- November 14, 2023
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may
CVE-2023-24478
5.5 - Medium
- August 15, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.
Use of Insufficiently Random Values
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may
CVE-2023-29151
7.8 - High
- August 11, 2023
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may
CVE-2022-45112
7.8 - High
- August 11, 2023
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may
CVE-2023-31246
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may
CVE-2023-22840
5.5 - Medium
- August 11, 2023
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.
Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may
CVE-2023-28380
8.8 - High
- August 11, 2023
Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
DLL preloading
Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may
CVE-2023-28405
7.8 - High
- August 11, 2023
Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may
CVE-2023-28711
5.5 - Medium
- August 11, 2023
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.
Always-Incorrect Control Flow Implementation
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may
CVE-2023-28823
7.3 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may
CVE-2023-27515
9.6 - Critical
- August 11, 2023
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow unauthenticated user to potentially enable escalation of privilege via network access.
XSS
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may
CVE-2023-32543
7.8 - High
- August 11, 2023
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may
CVE-2023-25775
9.8 - Critical
- August 11, 2023
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may
CVE-2023-25944
7.8 - High
- August 11, 2023
Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may
CVE-2022-25864
7.8 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may
CVE-2022-43456
7.8 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Untrusted Path
Improper input validation for the Intel(R) Easy Streaming Wizard software may
CVE-2023-26587
7.8 - High
- August 11, 2023
Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Input Validation
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may
CVE-2023-27391
6.7 - Medium
- August 11, 2023
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may
CVE-2023-27505
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may
CVE-2023-28658
7.8 - High
- August 11, 2023
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may
CVE-2023-32663
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may
CVE-2022-29470
7.8 - High
- August 11, 2023
Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may
CVE-2023-27509
7.8 - High
- August 11, 2023
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may
CVE-2023-25757
7.2 - High
- August 11, 2023
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may
CVE-2022-29887
9.6 - Critical
- August 11, 2023
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
XSS
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may
CVE-2022-44612
5.5 - Medium
- August 11, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.
Use of Hard-coded Credentials
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may
CVE-2023-22338
5.5 - Medium
- August 11, 2023
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.
Out-of-bounds Read
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may
CVE-2023-25182
7.8 - High
- August 11, 2023
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may
CVE-2023-25773
7.8 - High
- August 11, 2023
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may
CVE-2023-27392
4.4 - Medium
- August 11, 2023
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
Incorrect Default Permissions
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may
CVE-2023-27506
7.8 - High
- August 11, 2023
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
Buffer Overflow
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may
CVE-2023-32609
5.5 - Medium
- August 11, 2023
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.
Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may
CVE-2023-29242
7.8 - High
- May 12, 2023
Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may
CVE-2023-30763
6.7 - Medium
- May 12, 2023
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Memory Corruption
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may
CVE-2023-31197
7.8 - High
- May 12, 2023
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may
CVE-2023-31199
6.7 - Medium
- May 12, 2023
Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access.
Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may
CVE-2022-36391
7.8 - High
- May 10, 2023
Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may
CVE-2022-21804
7.8 - High
- May 10, 2023
Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may
CVE-2022-21239
5.5 - Medium
- May 10, 2023
Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access.
Out-of-bounds Read
Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may
CVE-2022-21162
7.3 - High
- May 10, 2023
Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may
CVE-2022-41808
5.5 - Medium
- May 10, 2023
Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may allow an authenticated user to potentially enable denial of service via local access.
Buffer Overflow
Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may
CVE-2022-41771
5.5 - Medium
- May 10, 2023
Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.
Incorrect Permission Assignment for Critical Resource
Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may
CVE-2022-40685
6.5 - Medium
- May 10, 2023
Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
Insufficiently Protected Credentials
Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may
CVE-2022-40210
7.8 - High
- May 10, 2023
Exposure of data element to wrong session in the Intel DCM software before version 5.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Exposure of Resource to Wrong Sphere
Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may
CVE-2022-30338
7.8 - High
- May 10, 2023
Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Use after free in the Intel(R) VROC software before version 7.7.6.1003 may
CVE-2022-29919
7.8 - High
- May 10, 2023
Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.
Dangling pointer
Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may
CVE-2022-29508
7.8 - High
- May 10, 2023
Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.
NULL Pointer Dereference
Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may
CVE-2022-25976
5.5 - Medium
- May 10, 2023
Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation
Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may
CVE-2022-41699
7.8 - High
- May 10, 2023
Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may
CVE-2022-41621
5.5 - Medium
- May 10, 2023
Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may
CVE-2022-40974
5.5 - Medium
- May 10, 2023
Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local access.
Insufficient Cleanup
Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may
CVE-2022-40972
7.8 - High
- May 10, 2023
Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in the Intel(R) NUC Software Studio Service installer before version 1.17.38.0 may
CVE-2022-38103
7.8 - High
- May 10, 2023
Insecure inherited permissions in the Intel(R) NUC Software Studio Service installer before version 1.17.38.0 may allow an authenticated user to potentially enable escalation of privilege via local access
Incorrect Permission Assignment for Critical Resource
Improper authentication in the Intel(R) DCM software before version 5.1 may
CVE-2022-44610
8.8 - High
- May 10, 2023
Improper authentication in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.
authentification
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may
CVE-2022-43475
7.8 - High
- May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure Storage of Sensitive Information
Improper authorization in the Intel(R) SCS software all versions may
CVE-2022-43465
5.5 - Medium
- May 10, 2023
Improper authorization in the Intel(R) SCS software all versions may allow an authenticated user to potentially enable denial of service via local access.
AuthZ
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2022-42878
5.5 - Medium
- May 10, 2023
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
NULL Pointer Dereference
Protection mechanism failure in the Intel(R) DCM software before version 5.1 may
CVE-2022-41979
8.8 - High
- May 10, 2023
Protection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.
Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may
CVE-2022-33963
7.8 - High
- May 10, 2023
Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2023-23910
7.8 - High
- May 10, 2023
Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
Memory Corruption
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2023-23909
5.5 - Medium
- May 10, 2023
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
Out-of-bounds Read
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2023-23580
7.8 - High
- May 10, 2023
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
Memory Corruption
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2023-23569
7.8 - High
- May 10, 2023
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may
CVE-2022-45128
5.5 - Medium
- May 10, 2023
Improper authorization in the Intel(R) EMA software before version 1.9.0.0 may allow an authenticated user to potentially enable denial of service via local access.
AuthZ
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may
CVE-2022-44619
7.8 - High
- May 10, 2023
Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure Storage of Sensitive Information
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may
CVE-2022-42465
6.7 - Medium
- May 10, 2023
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may
CVE-2022-41784
7.8 - High
- May 10, 2023
Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access
Improper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RELEASE may
CVE-2022-46279
5.5 - Medium
- May 10, 2023
Improper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable information disclosure via local access.
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may
CVE-2022-27180
7.8 - High
- May 10, 2023
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may
CVE-2022-32576
7.8 - High
- May 10, 2023
Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may
CVE-2022-43507
8.8 - High
- May 10, 2023
Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access.
Classic Buffer Overflow