21 matches found
CVE-2019-11162
The CVE-2019-11162 issue affects Intel Computing Improvement Program (CIP) before 2.4.0.04733, specifically the SEMA driver hardware abstraction. The root cause is insufficient access control, potentially allowing an authenticated local user to escalate privileges, cause a denial of service, or d...
CVE-2021-0074
The connected Intel advisory (Intel-SA-00530) confirms CVE-2021-0074 affects Intel® Computing Improvement Program software prior to version 2.4.5982, where improper installer permissions could allow an authenticated user to escalate privileges via local access. remediation: update to version 2.4....
CVE-2018-12168
CVE-2018-12168 describes a privilege-escalation in Intel Computing Improvement Program before version 2.2.0.03942. An authenticated user on the local system could potentially execute code with Administrator privileges due to file-permission and access-control weaknesses. The NVD entry lists a HIG...
CVE-2024-36276
CVE-2024-36276 affects Intel® CIP software before version 2.4.10852. The root cause is insecure inherited permissions, which may allow an authenticated user to escalate privileges via local access. Affected product: Intel® CIP software. Impact per document: local privilege escalation with high co...
CVE-2021-0052
Affected software : Intel® Computing Improvement Program (IPP) prior to version 2.4.6522. Vulnerability : Incorrect default privileges may allow an authenticated user to escalate privileges via local access. Root cause: improper default/privilege configuration in IPP installer and components. Imp...
CVE-2024-36482
CVE-2024-36482 : Improper input validation in some Intel® CIP software before version 2.4.10852 may allow a privileged user to escalate privileges via local access. Intel’s advisory (Intel® CIP Software) confirms affected product: Intel® CIP software prior to 2.4.10852. Base/impact metrics from m...
CVE-2020-8736
The CVE-2020-8736 issue affects Intel® Computing Improvement Program prior to version 2.4.5718. The underlying flaw is improper access control in the subsystem, which could allow an authenticated local user to escalate privileges. The Intel advisory confirms affected product/version and recommend...
CVE-2023-43489
CVE-2023-43489 affects Intel® CIP software prior to version 2.4.10717. The root cause is an improper access control that may allow an authenticated local user to potentially cause a denial of service . The issue is documented with CVSS metrics (3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H; 4.0: AV:L/...
CVE-2023-35769
CVE-2023-35769 affects Intel CIP software prior to version 2.4.10577. The root cause is an uncontrolled search path, which could allow an authenticated user to escalate privileges via local access. Affected products are Intel CIP software before 2.4.10577. Mitigation: upgrade to version 2.4.10577...
CVE-2020-12308
CVE-2020-12308 affects Intel Computing Improvement Program before version 2.4.5982. The root cause is improper access control, potentially allowing an unprivileged user to disclose information via network access. The NVIDIA? (no) is not relevant. The advisory and multiple CNA sources corroborate ...
CVE-2025-24307
Intel CIP software vulnerability CVE-2025-24307 affects Intel® CIP software prior to WIN_DCA_2.4.0.11001, involving privilege management in Ring 3: User Applications. The flaw may allow an unprivileged, authenticated user with high complexity attack requirements to escalate privileges and manipul...
CVE-2025-24848
Intel CIP software prior to WIN_DCA_2.4.0.11001 suffers a protection mechanism failure in Ring 3 (User Applications) that may allow an Elevation of Privilege by a local attacker with privileged user context and high attack complexity. Affected products are Intel® CIP software before WIN_DCA_2.4.0...
CVE-2025-24862
Intel CIP software prior to WIN_DCA_2.4.0.11001 contains CVE-2025-24862: an unrestricted upload of a dangerous file type in Ring 3 User Applications, potentially enabling privilege escalation and data manipulation. The issue requires network access with internal knowledge and passive user interac...
CVE-2025-20050
Intel CIP software prior to WIN_DCA_2.4.0.11001 is affected by an Uncontrolled search path issue in Ring 3 User Applications that can lead to privilege escalation and local code execution. The vulnerability arises from improper/unsafe path handling, enabling an unprivileged, authenticated user wi...
CVE-2025-24299
Intel CIP software prior to version WIN_DCA_2.4.0.11001 has an input validation error in Ring 3: User Applications that may allow an escalation of privilege. An unprivileged adversary with an authenticated user and low attack complexity could exploit this, potentially over the network, to impact ...
CVE-2025-24847
Intel CIP software prior to WIN_DCA_2.4.0.11001 is affected by an improper input validation vulnerability in Ring 3 User Applications that can lead to information disclosure. Unprivileged adversaries with a privileged user and low attack complexity, potentially via network access with passive use...
CVE-2025-24863
Intel CIP software prior to WIN_DCA_2.4.0.11001 is affected by CVE-2025-24863, an improper privilege management flaw that may allow information disclosure. The issue occurs in Ring 3: User Applications and can be triggered by an unauthenticated/unprivileged adversary with a valid user account and...
CVE-2025-20614
CVE-2025-20614 concerns Intel’s CIP software prior to WIN_DCA_2.4.0.11001, where external control of a file name or path in Ring 3 user applications may enable privilege escalation. The description across connected sources states an unprivileged software adversary with a privileged user and a low...
CVE-2025-24314
Intel CIP software prior to WIN_DCA_2.4.0.11001 has an improper access control in Ring 3 User Applications that may allow information disclosure. An unprivileged attacker with a privileged user and high-complexity conditions could exploit this via network access with no user interaction, potentia...
CVE-2025-24838
Intel CIP software prior to WIN_DCA_2.4.0.11001 contains multiple CVEs, including CVE-2025-24838, describing improper privilege management in Ring 3 User Applications that may allow privilege escalation. A low-privileged, authenticated user could exploit this with a low-complexity attack, potenti...
CVE-2025-24834
Intel CIP software prior to WIN_DCA_2.4.0.11001 contains a protection mechanism failure in Ring 3: User Applications, which may allow information disclosure. An unprivileged, unauthenticated user with low-complexity attack could exposure data via adjacent access. Affected products: Intel CIP soft...