Intel
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Intel product.
RSS Feeds for Intel security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Intel products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Intel Sorted by Most Security Vulnerabilities since 2018
Known Exploited Intel Vulnerabilities
The following Intel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability |
Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service. CVE-2015-2291 Exploit Probability: 3.4% |
February 10, 2023 |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit |
Intel products contain a vulnerability which can allow attackers to perform privilege escalation. CVE-2017-5689 Exploit Probability: 94.3% |
January 28, 2022 |
The vulnerability CVE-2017-5689: Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit is in the top 1% of the currently known exploitable vulnerabilities.
By the Year
In 2025 there have been 0 vulnerabilities in Intel. Last year, in 2024 Intel had 148 security vulnerabilities published. Right now, Intel is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 148 | 6.91 |
2023 | 182 | 7.18 |
2022 | 121 | 6.98 |
2021 | 52 | 7.13 |
2020 | 114 | 6.92 |
2019 | 150 | 6.54 |
2018 | 72 | 6.65 |
It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Intel Security Vulnerabilities
Intel(R) SDP Tool for Windows: Privilege Escalation via Incorrect Default Permissions
CVE-2024-35201
7.8 - High
- November 13, 2024
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access.
Incorrect Default Permissions
Intel(R) Quartus(R) Prime Pro Edition: Uncontrolled Search Path Privilege Escalation Vulnerability
CVE-2024-38383
7.8 - High
- November 13, 2024
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel(R) CIP Software Insecure Inherited Permissions Privilege Escalation Vulnerability
CVE-2024-36276
7.8 - High
- November 13, 2024
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Intel(R) CIP Software Privilege Escalation Vulnerability
CVE-2024-36482
6.7 - Medium
- November 13, 2024
Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.
Improper Input Validation
Intel VROC Software Privilege Escalation Vulnerability
CVE-2024-29079
7.8 - High
- November 13, 2024
Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insufficient Control Flow Management
Intel(R) Xeon(R) Processor Family (E-Core) SPP Protection Mechanism Failure Privilege Escalation Vul
CVE-2024-38660
- November 13, 2024
Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access.
Protection Mechanism Failure
Intel(R) Distribution of OpenVINO(TM) Model Server: Improper Input Validation Vulnerability
CVE-2024-32048
- November 13, 2024
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Improper Input Validation
Intel Server Board M70KLP UEFI Firmware Privilege Escalation Vulnerability
CVE-2024-39609
6.7 - Medium
- November 13, 2024
Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.
Authorization
Intel(R) SDP Tool for Windows: Uncontrolled Search Path Privilege Escalation Vulnerability
CVE-2024-36253
7.8 - High
- November 13, 2024
Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel(R) oneAPI Math Kernel Library: Uncontrolled Search Path Privilege Escalation Vulnerability
CVE-2024-28950
- November 13, 2024
Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel(R) DSA Software Insecure Inherited Permissions Privilege Escalation Vulnerability
CVE-2024-36294
7.8 - High
- November 13, 2024
Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Intel Server Board M10JNP2SB Family UEFI Firmware Privilege Escalation Vulnerability
CVE-2024-41167
6.7 - Medium
- November 13, 2024
Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.
Intel(R) DSA Improper Access Control Privilege Escalation Vulnerability
CVE-2024-36488
7.8 - High
- November 13, 2024
Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Authorization
Intel(R) Xeon(R) Processors UEFI Firmware Control Flow Management Vulnerability
CVE-2024-25565
- November 13, 2024
Insufficient control flow management in UEFI firmware for some Intel(R) Xeon(R) Processors may allow an authenticated user to enable denial of service via local access.
Insufficient Control Flow Management
Intel(R) Graphics Driver: Uncontrolled Search Path Vulnerability
CVE-2024-38387
- November 13, 2024
Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel Graphics Drivers: Out-of-Bounds Write Privilege Escalation Vulnerability
CVE-2024-38665
- November 13, 2024
Out-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Intel VROC Software: Improper Input Validation Denial of Service Vulnerability
CVE-2024-32485
5.5 - Medium
- November 13, 2024
Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation
Intel(R) Quartus(R) Prime Standard Edition: Uncontrolled Search Path Privilege Escalation Vulnerabil
CVE-2024-38668
7.8 - High
- November 13, 2024
Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel(R) VTune(TM) Profiler: Improper Input Validation Vulnerability
CVE-2024-37027
- November 13, 2024
Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation
Intel SGX SDK: Out-of-Bounds Write Privilege Escalation Vulnerability
CVE-2024-34776
- November 13, 2024
Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Intel Graphics Drivers: Improper Buffer Restrictions Leading to Denial of Service
CVE-2024-34170
- November 13, 2024
Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.
DEPRECATED: Improper Sanitization of Custom Special Characters
Intel VTune Profiler Uncontrolled Search Path Element Privilege Escalation Vulnerability
CVE-2024-36245
- November 13, 2024
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Intel(R) Distribution for Python: Incorrect Default Permissions Leading to Privilege Escalation
CVE-2024-29083
- November 13, 2024
Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Intel Graphics Drivers: Untrusted Pointer Dereference Privilege Escalation Vulnerability
CVE-2024-34023
- November 13, 2024
Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.
Untrusted Pointer Dereference
Improper access control in Intel(R) RAID Web Console all versions may
CVE-2024-28170
5.5 - Medium
- September 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access.
Authorization
NULL pointer dereference in Intel(R) RAID Web Console software for all versions may
CVE-2024-32666
5.5 - Medium
- September 16, 2024
NULL pointer dereference in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via local access.
NULL Pointer Dereference
Improper access control in Intel(R) RAID Web Console software for all versions may
CVE-2024-34543
7.8 - High
- September 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
Authorization
Uncaught exception in Intel(R) RAID Web Console software all versions may
CVE-2024-33848
5.5 - Medium
- September 16, 2024
Uncaught exception in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via local access.
Uncaught Exception
Improper input validation in some Intel(R) RAID Web Console software all versions may
CVE-2024-34545
5.7 - Medium
- September 16, 2024
Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access.
Improper access control in Intel(R) RAID Web Console software for all versions may
CVE-2024-32940
5.7 - Medium
- September 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via adjacent access.
Authorization
Improper access control in Intel(R) RAID Web Console software all versions may
CVE-2024-36261
5.7 - Medium
- September 16, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access.
Authorization
Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may
CVE-2024-34153
7.8 - High
- September 16, 2024
Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in Intel(R) RAID Web Console all versions may
CVE-2024-36247
5.7 - Medium
- September 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access.
Authorization
Improper access control for some Intel(R) CIP software before version 2.4.10717 may
CVE-2023-43489
5.5 - Medium
- August 14, 2024
Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access.
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may
CVE-2024-25576
7.9 - High
- August 14, 2024
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may
CVE-2024-28887
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may
CVE-2024-28947
8.2 - High
- August 14, 2024
Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may
CVE-2024-25561
7.8 - High
- August 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may
CVE-2024-39283
7.8 - High
- August 14, 2024
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may
CVE-2024-23489
7.3 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may
CVE-2024-29015
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may
CVE-2024-23907
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may
CVE-2024-23499
7.5 - High
- August 14, 2024
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access.
Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-23497
8.8 - High
- August 14, 2024
Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may
CVE-2024-24977
7.8 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-24986
8.8 - High
- August 14, 2024
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may
CVE-2024-23909
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-23981
8.8 - High
- August 14, 2024
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Calculation
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may
CVE-2024-23908
7.8 - High
- August 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may
CVE-2024-22184
7.8 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading