Intel
Products by Intel Sorted by Most Security Vulnerabilities since 2018
Known Exploited Intel Vulnerabilities
The following Intel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability | Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service. CVE-2015-2291 | February 10, 2023 |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit | Intel products contain a vulnerability which can allow attackers to perform privilege escalation. CVE-2017-5689 | January 28, 2022 |
By the Year
In 2024 there have been 33 vulnerabilities in Intel with an average score of 7.4 out of ten. Last year Intel had 181 security vulnerabilities published. Right now, Intel is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.20.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 33 | 7.38 |
2023 | 181 | 7.18 |
2022 | 101 | 6.97 |
2021 | 52 | 7.13 |
2020 | 114 | 6.92 |
2019 | 150 | 6.54 |
2018 | 72 | 6.65 |
It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Intel Security Vulnerabilities
Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may
CVE-2024-23489
7.3 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-23497
8.8 - High
- August 14, 2024
Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Memory Corruption
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may
CVE-2024-23908
7.8 - High
- August 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may
CVE-2024-24977
7.8 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may
CVE-2024-25561
7.8 - High
- August 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may
CVE-2024-28887
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may
CVE-2024-28947
8.2 - High
- August 14, 2024
Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may
CVE-2024-29015
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may
CVE-2024-39283
7.8 - High
- August 14, 2024
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may
CVE-2024-23499
7.5 - High
- August 14, 2024
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial of service via network access.
Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may
CVE-2024-23907
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may
CVE-2024-23909
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-23981
8.8 - High
- August 14, 2024
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Calculation
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may
CVE-2024-24986
8.8 - High
- August 14, 2024
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may
CVE-2024-25576
7.9 - High
- August 14, 2024
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access.
Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may
CVE-2024-26022
7.8 - High
- August 14, 2024
Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may
CVE-2024-26025
7.8 - High
- August 14, 2024
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may
CVE-2024-26027
7.8 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may
CVE-2024-27461
5.5 - Medium
- August 14, 2024
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
Incorrect Default Permissions
Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may
CVE-2024-28046
7.8 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may
CVE-2024-28050
5.5 - Medium
- August 14, 2024
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may
CVE-2024-28172
7.3 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may
CVE-2024-28876
7.3 - High
- August 14, 2024
Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may
CVE-2024-23491
7.3 - High
- August 14, 2024
Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may
CVE-2024-23495
7.8 - High
- August 14, 2024
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may
CVE-2024-24973
3.3 - Low
- August 14, 2024
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.
Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may
CVE-2024-25562
6.6 - Medium
- August 14, 2024
Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may
CVE-2024-21835
7.8 - High
- May 16, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14
CVE-2023-52161
7.5 - High
- February 22, 2024
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key.
authentification
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may
CVE-2023-29244
7.8 - High
- January 19, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may
CVE-2023-32272
5.5 - Medium
- January 19, 2024
Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.
DLL preloading
Improper access control in some Intel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers before version 1.1.45 may
CVE-2023-32544
5.5 - Medium
- January 19, 2024
Improper access control in some Intel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers before version 1.1.45 may allow an authenticated user to potentially enable denial of service via local access.
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may
CVE-2023-38541
7.8 - High
- January 19, 2024
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may
CVE-2023-27383
6.8 - Medium
- November 14, 2023
Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may
CVE-2023-27513
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may
CVE-2023-28388
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control for some Intel Unison software may
CVE-2022-41659
4.4 - Medium
- November 14, 2023
Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.
Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may
CVE-2023-22313
2.3 - Low
- November 14, 2023
Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.
Buffer Overflow
Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may
CVE-2023-24592
7.8 - High
- November 14, 2023
Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Directory traversal
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may
CVE-2023-25075
7.8 - High
- November 14, 2023
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Unquoted Search Path or Element
Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may
CVE-2023-25080
5.5 - Medium
- November 14, 2023
Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may
CVE-2022-33898
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may
CVE-2022-38786
7.8 - High
- November 14, 2023
Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper access control in some Intel In-Band Manageability software before version 3.0.14 may
CVE-2022-41689
7.8 - High
- November 14, 2023
Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may
CVE-2022-41700
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Protection mechanism failure in some Intel DCM software before version 5.2 may
CVE-2023-31273
9.8 - Critical
- November 14, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Improper Privilege Management
Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may
CVE-2023-32641
8.8 - High
- November 14, 2023
Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may
CVE-2023-32662
6.7 - Medium
- November 14, 2023
Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may allow a privilaged user to potentially enable escalation of privilege via local access.
Improper access control in the Intel Support android application all verions may
CVE-2023-33872
5.5 - Medium
- November 14, 2023
Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access.
Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may
CVE-2023-34314
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may
CVE-2023-34350
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may
CVE-2023-34430
7.8 - High
- November 14, 2023
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may
CVE-2023-34997
7.8 - High
- November 14, 2023
Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may
CVE-2023-29504
7.8 - High
- November 14, 2023
Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may
CVE-2023-31203
7.5 - High
- November 14, 2023
Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access.
Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may
CVE-2023-32279
7.5 - High
- November 14, 2023
Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access.
Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may
CVE-2023-32283
5.5 - Medium
- November 14, 2023
Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insertion of Sensitive Information into Log File
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may
CVE-2023-32638
7.8 - High
- November 14, 2023
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in the Intel Smart Campus android application before version 9.4 may
CVE-2023-38411
7.8 - High
- November 14, 2023
Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may
CVE-2023-39230
7.8 - High
- November 14, 2023
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Improper access control in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-29157
7.8 - High
- November 14, 2023
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-29161
7.8 - High
- November 14, 2023
Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in some Intel(R) OFU software before version 14.1.31 may
CVE-2023-32204
7.8 - High
- November 14, 2023
Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access.
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may
CVE-2023-24478
5.5 - Medium
- August 15, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.
Use of Insufficiently Random Values
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may
CVE-2022-44612
5.5 - Medium
- August 11, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.
Use of Hard-coded Credentials
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may
CVE-2023-32609
5.5 - Medium
- August 11, 2023
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may
CVE-2023-27506
7.8 - High
- August 11, 2023
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
Buffer Overflow
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may
CVE-2023-27392
4.4 - Medium
- August 11, 2023
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
Incorrect Default Permissions
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may
CVE-2023-25773
7.8 - High
- August 11, 2023
Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may
CVE-2023-25182
7.8 - High
- August 11, 2023
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may
CVE-2023-22338
5.5 - Medium
- August 11, 2023
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.
Out-of-bounds Read
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may
CVE-2022-29887
9.6 - Critical
- August 11, 2023
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
XSS
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may
CVE-2023-25757
7.2 - High
- August 11, 2023
Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may
CVE-2023-27509
7.8 - High
- August 11, 2023
Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access.
Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may
CVE-2022-29470
7.8 - High
- August 11, 2023
Improper access control in the Intel® DTT Software before version 8.7.10400.15482 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may
CVE-2023-32663
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 2.53.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may
CVE-2023-28658
7.8 - High
- August 11, 2023
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Permission Assignment for Critical Resource
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may
CVE-2023-27505
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may
CVE-2023-27391
6.7 - Medium
- August 11, 2023
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may
CVE-2022-43456
7.8 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Untrusted Path
Improper input validation for the Intel(R) Easy Streaming Wizard software may
CVE-2023-26587
7.8 - High
- August 11, 2023
Improper input validation for the Intel(R) Easy Streaming Wizard software may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Input Validation
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may
CVE-2023-29151
7.8 - High
- August 11, 2023
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may
CVE-2022-45112
7.8 - High
- August 11, 2023
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may
CVE-2023-31246
7.8 - High
- August 11, 2023
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may
CVE-2023-22840
5.5 - Medium
- August 11, 2023
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.
Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may
CVE-2023-28380
8.8 - High
- August 11, 2023
Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
DLL preloading
Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may
CVE-2023-28405
7.8 - High
- August 11, 2023
Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may
CVE-2023-28823
7.3 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may
CVE-2023-27515
9.6 - Critical
- August 11, 2023
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow unauthenticated user to potentially enable escalation of privilege via network access.
XSS
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may
CVE-2023-32543
7.8 - High
- August 11, 2023
Incorrect default permissions in the Intel(R) ITS sofware before version 3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Incorrect Default Permissions
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may
CVE-2023-25775
9.8 - Critical
- August 11, 2023
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may
CVE-2023-25944
7.8 - High
- August 11, 2023
Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may
CVE-2022-25864
7.8 - High
- August 11, 2023
Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may
CVE-2023-28711
5.5 - Medium
- August 11, 2023
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before version 5.4.1 may allow an authenticated user to potentially enable denial of service via local access.
Always-Incorrect Control Flow Implementation
Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may
CVE-2023-31199
6.7 - Medium
- May 12, 2023
Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access.
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may
CVE-2023-31197
7.8 - High
- May 12, 2023
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
DLL preloading
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may
CVE-2023-30763
6.7 - Medium
- May 12, 2023
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Memory Corruption
Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may
CVE-2023-29242
7.8 - High
- May 12, 2023
Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may
CVE-2023-23910
7.8 - High
- May 10, 2023
Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
Memory Corruption