Intel® Modular Server Compute Module Advisory

Summary: A potential security vulnerability in Intel® Modular Server MFS2600KI Compute Module may allow escalation of privilege or denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® Modular Server...

Intel® Graphics Driver Unified Shader Compiler Advisory

Summary: Multiple potential security vulnerabilities in Intel® Graphics Drivers may allow escalation of privilege or denial of service . Intel is releasing Intel® Graphics Driver updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2018-12152 Description: Pointer...

Intel® Processors MMIO Undefined Access Advisory

Summary: A potential security vulnerability in Memory Mapped I/O MMIO for some 14nm Client/Xeon E3 Intel® Processors may allow a denial of service in certain virtualized environments. Vulnerability Details: CVEID: CVE-2022-21180 Description: Improper input validation for some Intel® Processors ma...

Intel® NUC Advisory

Summary: A potential security vulnerability in system firmware for Intel® NUC may allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11094 Description...

Intel Q3’17 ME 6.x/7.x/8.x/9.x/10.x/11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update

Summary: In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine ME, Intel® Server Platform Services SPS, and Intel® Trusted Execution Engine TXE with the objective of enhancing firmware resilience. As...

Intel® ThunderboltTM DCH Drivers for Windows Advisory

Summary: Potential security vulnerabilities in some Intel® Thunderbolt™ Declarative Componentized Hardware DCH drivers for Windows may allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities...

Intel® Unison™ Software Advisory

Summary: Potential security vulnerabilities in some Intel® Unison™ software may allow denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-2804Non-Intel issued Description: Improper...

Intel® Unison™ Software  Advisory

Summary: Potential security vulnerabilities in some Intel® Unison™ software may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-36860 Description:...

Intel® NUC Laptop Kit Advisory

Summary: Potential security vulnerabilities in some Intel® NUC Laptop Kits may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-28858 Description: Improper buffer restriction in the firmware for...

Intel® SEAPI Advisory

Summary: A potential security vulnerability in the Intel® Single Event API SEAPI software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® SEAPI software. Vulnerability Details...

2023.1 IPU - Intel® Xeon® Processor Advisory

Summary: A potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions SGX may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-33196 Description: Incorrec...

Intel® Quartus Family of Tools Privilege Escalation Vulnerability

Summary: Unquoted service paths in the Intel® Quartus family of tools allows a local attacker to potentially execute arbitrary code. Description: The Joint Test Action Group JTAG server is vulnerable to replacement of required executables, which on reboot may be run with elevated privileges...

2019.2 IPU – TSX Asynchronous Abort Advisory

Summary: A potential security vulnerability in TSX Asynchronous Abort TAA for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11135 Description: TSX Asynchronous Abort...

2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory

Summary: Potential security vulnerabilities in Intel® Converged Security and Manageability Engine CSME, Server Platform Services SPS, Intel® Trusted Execution Engine TXE, Intel® Dynamic Application Loader DAL, Intel® Active Management Technology AMT, Intel® Standard Manageability ISM and Intel®...

Intel® NUC Kit with Infineon Trusted Platform Module

Summary: Certain Intel® NUC systems contain an Infineon Trusted Platform Module TPM that has an information disclosure vulnerability as described in CVE-2017-15361. Description: Recently, a research team developed advanced mathematical methods to exploit the characteristics of acceleration...

Intel® Graphics Drivers Advisory

Summary: Potential security vulnerabilities in Intel® Graphics Drivers may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-0502 Description:...

Q3 2018 Speculative Execution Side Channel Update

Summary: Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault L1TF. This method impacts select microprocessor products supporting Intel® Software Guard Extensions Intel® SGX. Further investigation by Intel has identified two related application...

2020.2 IPU – BIOS Advisory

Summary: Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0590 Description: Improper input...

Intel® Server Board TPM Advisory

Summary: A potential security vulnerability in Intel® Server Boards may allow information disclosure. Intel is releasing Intel® Server Board firmware updates to mitigate this potential vulnerability. Vulnerability Details CVEID: CVE-2017-15361 Description: Information disclosure in Infineon TPM i...

Intel® Processor Speculative Cross Store Bypass Advisory

Summary: A potential security vulnerability in Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33149 Description: Observable behavioral discrepancy in some IntelR Processor...

Potential vulnerability in the Intel® Ethernet diagnostics driver for Windows*

Summary: A vulnerability was identified in the Intel diagnostics driver. Intel released an update to mitigate this issue in June 2015. Description: A vulnerability was identified in the Intel diagnostics driver IQVW32.sys and IQVW64.sys, also identified as CVE-2015-2291. Intel released an update ...

Multiple Intel Software Products and API Services impacted by CVE-2014-0160

Summary: On April 7th 2014, OpenSSL.org published a Security Advisory concerning a missing bounds check bug in the implementation of the TLS heartbeat extension CVE-2014-0160. Intel PSIRT will continue to update this advisory as additional information becomes available. Description: On April 7th...

Intel® Ethernet Controller RDMA Driver for Linux Advisory

Summary: A potential security vulnerability in the Intel® Ethernet Controller Remote Direct Memory Access RDMA driver for linux may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-25775 Description:...

2023.1 IPU - Intel® Atom® and Intel® Xeon® Scalable Processors Advisory

Summary: A potential security vulnerability in some Intel® Atom® and Intel® Xeon® Scalable Processors may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21216 Description: Insufficient granularity...

2022.1 IPU - Intel® Boot Guard and Intel® TXT Advisory

Summary: A potential security vulnerability in Intel® Boot Guard and Intel® Trusted Execution Technology TXT for some Intel® processors may allow escalation of privilege. Intel is releasing firmware updates and prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details:...

Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory

Summary: Potential security vulnerabilities in Intel® Wireless Bluetooth® products and Killer™ Bluetooth® products may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-26555 Non-Intel issued Intel...

Intel® RST Advisory

Summary: A potential security vulnerability in the Intel® Rapid Storage Technology RST may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-14568 Description: Improper permissions in the executable...

Intel AMT® Upgradable to Vulnerable Firmware

Summary: Intel® Active Management Technology, Intel® Standard Manageability, and Intel® Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a...

Intel® Graphics Drivers Advisory

Summary: Potential security vulnerabilities in some Intel® Graphics drivers may allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-29165 Description:...

Intel® Data Center Manager Advisory

Summary: Potential security vulnerabilities in the Intel® Data Center Manager software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-21225 Description: Improper...

Microarchitectural Data Sampling Advisory

Summary: A potential security vulnerability in CPUs may allow information disclosure. Intel is releasing Microcode Updates MCU updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12126 Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some...

Q2 2018 Speculative Execution Side Channel Update

Summary: Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors’ processors and operating systems. Intel is committed to product and...

Intel® Wireless Bluetooth® Advisory

Summary: Potential security vulnerabilities in some Intel® Wireless Bluetooth® products may allow escalation of privilege or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-12321 Description:...

Intel® Processor Graphics Advisory

Summary: A potential security vulnerability in Intel® Processor Graphics may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-14615 Description: Insufficient control flow in certain data structures f...

Intel® Computing Improvement Program Advisory

Summary: A potential security vulnerability in the Intel® Computing Improvement Program may allow escalation of privilege, denial of service or information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11162...

Intel® RWC 3 for Windows* Advisory

Summary: A potential security vulnerability in the Intel® RAID Web Console RWC 3 for Windows may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-14601 Description: Improper permissions in the...

Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory

Summary: Potential security vulnerabilities in some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details:...

2019.2 IPU – Intel® Processor Graphics Update Advisory

Summary: A potential security vulnerability in Intel® Processor Graphics may allow denial of service. Intel is releasing software and firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-0154 Description: Insufficient access control in subsystem for...

2022.2 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21233 Description: Improper isolation of shared resources in some IntelR...

2021.2 IPU – Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Chipset Firmware in Intel® Server Platform Services SPS, Intel® Active Management Technology AMT and the Intel Power Management Controller PMC may allow escalation of privilege or denial of service. Intel is releasing firmware updates to...

2020.2 IPU - Intel® Processor Advisory

Summary: Potential security vulnerabilities in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-8698 Description: Improper isolation of shared resources in some IntelR...

Intel® NUC Firmware Advisory

Summary: Potential security vulnerabilities in system firmware for Intel® NUC may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2019-11123...

Intel® oneAPI Toolkits Advisory

Summary: Potential security vulnerabilities in some Intel® oneAPI Toolkits may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-25987 Description: Improper handling of Unicode encoding in source...

Intel® Processors Post Invalidation RSB Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26373 Description: Non-transparent sharing of return predictor targets...

Intel® Processor Advisory

Summary: Potential security vulnerabilities in some Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-0001 Description: Non-transparent sharing of branch predictor selecto...

Intel® PROSet/Wireless WiFi Software Advisory

Summary: Potential security vulnerabilities in some Intel® PROSet/Wireless WiFi products may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-0557 Description: Insecure...

One or more Intel Products affected by the Wi-Fi Protected Access II (WPA2) protocol vulnerability

Summary: Researchers Mathy Vanhoef and Frank Piessens, from the University of Leuven, identified a series of vulnerabilities that affect the Wi-Fi Protected Access WPA and Wi-Fi Protected Access II WPA2 standards. Description: These vulnerabilities are protocol-level vulnerabilities that affect a...

Intel® SGX SDK Advisory

Summary: Potential security vulnerabilities in the Intel® Software Guard Extensions SGX Software Development Kit SDK may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-26509 Description: Imprope...

Intel® Thunderbolt™ non-DCH Driver for Windows Advisory

Summary: A potential security vulnerability in the Intel® Thunderbolt™ non-DCH Declarative Componentized Hardware driver for Windows may allow escalation of privilege. Intel is releasing software updates and prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details:...

Intel® SGX SDK Edger8r and Intel® Software Guard Extensions Platform Software Component

Summary: CVE-2018-3626: The Edger8r tool in the Intel® Software Guard Extensions SGX Software Development Kit SDK before version 2.1.2 Linux and 1.9.6 Windows may generate code that is susceptible to a side channel attack, potentially allowing a local user to access unauthorized information...