218 matches found
CVE-2021-33107
Insufficiently protected credentials in USB provisioning for IntelR AMT SDK before version 16.0.3, IntelR SCS before version 12.2 and IntelR MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure vi...
CVE-2021-23152
CVE-2021-23152 affects Intel® Advisor software prior to 2021.2. It is a local, authenticated-access vulnerability caused by improper access control that could allow privilege escalation (impact: high for confidentiality, integrity, and availability). The NVD CVSSv3.1 base score is 7.8 (HIGH); CVS...
CVE-2021-0116
Out-of-bounds write in the firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access...
AlmaLinux 8 : microcode_ctl (ALSA-2021:2308)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:2308 advisory. - Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-0013
Improper input validation for IntelR EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access...
CVE-2021-0082
Uncontrolled search path in software installer for IntelR PROSet/Wireless WiFi in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-0148
Insertion of information into log file in firmware for some IntelR SSD DC may allow a privileged user to potentially enable information disclosure via local access...
CVE-2021-33058
Improper access control in the installer IntelRAdministrative Tools for IntelR Network Adaptersfor Windowsbefore version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access...
CVE-2021-33097
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for IntelR SGX may allow a privileged user to potentially enable escalation of privilege via network access...
CentOS 8 : kernel-rt (CESA-2021:4140)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4140 advisory. - kernel: Intel graphics card information leak. CVE-2019-14615 - kernel: out-of-bounds reads in pinctrl subsystem. CVE-2020-0427 - kernel: Improper inp...
F5 Networks BIG-IP : Intel I210 network adapter vulnerability (K37283878)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K37283878 advisory. - Improper initialization in the firmware for the IntelR Ethernet I210 Controller series of network adapters before...
Improper access control
Improper access control in kernel mode driver for some IntelR NUC 9 Extreme Laptop Kits before version 2.2.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access...
Oracle Linux 8 : microcode_ctl (ELSA-2021-2308)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-2308 advisory. 4:20210216-1.20210525.0.1 - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 4:20210216-1.20210525.1 -...
Privilege Escalation
intel-microcode:sid is vulnerable to privilege escalation. An incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalated privileges...
SUSE SLES15 Security Update : ucode-intel (SUSE-SU-2021:1932-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1932-1 advisory. - Updated to Intel CPU Microcode 20210525 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discover...
Oracle Linux 7 : microcode_ctl (ELSA-2021-2305)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-2305 advisory. 2:2.1-73.9.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests ...
CVE-2021-0104
Uncontrolled search path element in the installer for the IntelR Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access...
Privilege escalation
Modification of assumed-immutable data in subsystem in IntelR CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
CVE-2021-0057
Uncontrolled search path in the IntelR NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-0056
Insecure inherited permissions for the IntelR NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...