19 matches found
CVE-2020-8694
CVE-2020-8694 affects the Linux kernel powercap/RAPL subsystem. The issue allows a local, unprivileged attacker to read CPU energy meters by default, enabling information disclosure between processes or from kernel to user space. Public documents describe the root cause as insufficient access con...
CVE-2020-8695
CVE-2020-8695 is reported as an observable discrepancy in the Intel Running Average Power Limit (RAPL) interface that may allow a local privileged user to disclose information. Connected sources confirm this affects Intel processors and is addressed via microcode updates. Remediation guidance acr...
CVE-2022-21233
CVE-2022-21233 affects Intel processors via improper isolation of shared resources, leading to potential information disclosure with local access. The vulnerability is discussed across multiple advisories (Intel microcode, Debian, Amazon Linux, Astra Linux, Cloud Foundry) and is tied to the Intel...
CVE-2019-0155
CVE-2019-0155 involves insufficient access control in Intel processor graphics subsystems across multiple generations. The issue could allow an authenticated local user to potentially escalate privileges. Affected components include Intel Graphics Driver for Windows (before 26.20.100.6813/6812) a...
CVE-2019-0154
CVE-2019-0154 involves insufficient access control in the Intel processor graphics subsystem affecting 6th–9th Gen Intel Core, Pentium (J/N/Silver/Gold), Celeron J/N/G3900/G4900, Atom A/E3900, and Xeon E3-1500/v5/v6 and E-2100 family. The vulnerability may allow an authenticated, local attacker t...
CVE-2021-0146
CVE-2021-0146: Hardware allows activation of test or debug logic at runtime on some Intel processors, potentially enabling privilege escalation with physical access. The incident is documented in multiple sources (Intel/Broadcom advisories; Cloud Foundry USN-5486-1; AWS ALAS2-2022-1762; Gentoo GL...
CVE-2022-21151
CVE-2022-21151 involves Intel processors where optimization/removal of security-critical code in the processor microcode can allow an authenticated local attacker to cause information disclosure. Affected vectors are local access with low attack complexity and no user interaction. Public docs con...
CVE-2022-38090
CVE-2022-38090 is listed across multiple advisories (Debian DLA, ALAS, ALAS2, Cloud Foundry USN, Astra Linux) as part of Intel microcode vulnerabilities. The core issue is improper isolation of shared resources on Intel processors when using Intel SGX, potentially enabling information disclosure ...
CVE-2022-0004
CVE-2022-0004 concerns Intel® Boot Guard and Intel® TXT. The issue arises from hardware debug modes and a processor INIT setting that allow an unauthenticated user to potentially bypass protections and escalate privileges via physical access. Intel lists affected generations (10th–12th Gen Core, ...
CVE-2022-21198
CVE-2022-21198 is a TOCTOU race condition in the BIOS firmware of some Intel processors allowing escalation of privilege via local access. Affected are Intel BIOS/IPU firmware implementations referenced in Intel’s INTEL-SA-00688 advisory, with CVSS vectors indicating local attack, low to moderate...
CVE-2019-0120
CVE-2019-0120 describes an Insufficient key protection vulnerability in silicon reference firmware for Intel® processors (J/N series, Celeron, Atom A/E3900, and Pentium Silver). The root cause is inadequate protection of keys within the silicon reference firmware, potentially allowing a privilege...
CVE-2022-43505
The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...
CVE-2021-33122
CVE-2021-33122 corresponds to Intel BIOS firmware issues affecting several Intel processors where insufficient control flow management in the BIOS authenticated code module may permit a privileged user to escalate privileges locally. The Intel advisory INTEL-SA-00601 documents this vulnerability ...
CVE-2023-22329
CVE-2023-22329 is an Intel BIOS firmware vulnerability in some Intel\u00a0Processors caused by improper input validation, potentially allowing an authenticated user to trigger a denial of service via adjacent access. Intel’s advisory INTEL-SA-00924 recommends updating to the latest BIOS provided ...
CVE-2022-30704
The CVE-2022-30704 issue relates to improper initialization in the Intel TXT SINIT ACM for certain Intel processors. The underlying effect is a potential privilege escalation via local access by a privileged user. Documents specify the affected component as the Intel TXT SINIT ACM within BIOS/fir...
CVE-2020-0599
CVE-2020-0599 describes an improper access control vulnerability in the Intel Power Management Controller (PMC) that could allow a privileged user to escalate privileges via local access. The CVSS1 (3.1) base score is 6.7 (Medium) with LOCAL access, LOW attack complexity, and HIGH impact on confi...
CVE-2023-25756
The CVE-2023-25756 issue affects Intel BIOS firmware across multiple processors, caused by an out-of-bounds read that may allow an authenticated user to escalate privileges via adjacent access. Documents from Intel (INTEL-SA-00924) confirm the vulnerability in BIOS software and propose updates to...
CVE-2022-27879
CVE-2022-27879 affects Intel BIOS firmware prompting information disclosure via local access due to improper buffer restrictions. Affected area is BIOS firmware on Intel processors; root cause stated as improper buffer restrictions that may allow a privileged user to access sensitive information....
CVE-2021-0186
CVE-2021-0186 involves an improper input validation in Intel\u00ae SGX SDK applications compiled for SGX2-enabled processors that could allow local privilege escalation. The Intel advisory (INTEL-SA-00548) confirms affected products: Intel SGX SDK for Windows <= v2.12 and Linux