234 matches found
CVE-2025-36511
Incorrect default permissions for some IntelR Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...
CVE-2025-35999
Incorrect permission assignment for critical resource for some System Firmware Update Utility SysFwUpdt for IntelR Server Boards and IntelR Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileg...
CVE-2025-33030
CVE-2025-33030 relates to firmware for Intel NPU Drivers (Ring 3: User Applications). The issue stems from an improper conditions check in some firmware, enabling a local, low-privilege attacker with authenticated user to escalate privileges and potentially cause data corruption. Impact on confid...
CVE-2025-32452
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...
CVE-2025-32452
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...
CVE-2025-32452
The CVE-2025-32452 entry concerns AI Playground prior to version 2.6.1 beta, where an uncontrolled search path in Ring 3: User Applications may enable privilege escalation. The vulnerability is described as requiring an authenticated user with high attack complexity and active user interaction, w...
CVE-2025-32092
Insecure inherited permissions for some IntelR Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege...
CVE-2025-32008
Out-of-bounds write in the firmware for the IntelR AMT and IntelR Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially...
CVE-2025-32008
CVE-2025-32008 concerns a firmware out-of-bounds write in Intel AMT and Intel Standard Manageability (Ring 3). A network-based, unauthenticated, low-complexity adversary could trigger a denial of service with no user interaction. Impact is high availability; confidentiality and integrity are list...
CVE-2025-31655
CVE-2025-31655 concerns Intel’s Battery Life Diagnostic Tool (Ring 3). The issue is incorrect default permissions in this tool, enabling local privilege escalation for an authenticated, low-privileged user when the attacker has high attack complexity and can interact with the user. The impact is ...
CVE-2025-25210
Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2025-25210
CVE-2025-25210 involves improper input validation in Intel’s Server Firmware Update Utility (SysFwUpdt) prior to version 16.0.12. The vulnerability affects Ring 3 (User Applications); a local attacker with high privileges and low attack complexity may escalate privileges without user interaction,...
CVE-2025-22849
Incorrect default permissions for the IntelR OptaneTM PMem management software before versions CRMGMT01.00.00.3584, CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined...
CVE-2025-22453
Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This...
CVE-2025-20070
Improper conditions check for the IntelR OptaneTM PMem management software before versions CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity...
CVE-2025-20070
Improper conditions check for the IntelR OptaneTM PMem management software before versions CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity...
PT-2026-7311
Name of the Vulnerable Software and Affected Versions IntelR NPU Drivers affected versions not specified Description A flaw exists in some firmware for IntelR NPU Drivers within Ring 3. This issue may allow an unprivileged software adversary with an authenticated user and a low complexity attack ...
Intel® Graphics Advisory
Summary: Potential security vulnerabilities for some Intel® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-32092 Description: Insecure inherited...
Intel QAT Windows software out-of-bounds read vulnerability
Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. The Intel QAT Windows software has an out-of-bounds read vulnerability that originates from an...
Intel QAT Windows software buffer overflow vulnerability (CNVD-2025-30759)
Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. A buffer overflow vulnerability exists in the Intel QAT Windows software, which originates from a buffer...