24 matches found
CVE-2022-40982
CVE-2022-40982 is an information-leak via microarchitectural state after transient execution in certain Intel vector execution units. The connected docs consistently describe local information disclosure by an authenticated user on affected Intel processors, with mitigations centered on firmware/...
CVE-2018-12207
CVE-2018-12207 describes an issue where improper invalidation of page-table updates by a privileged guest can cause a Denial of Service on the host on Intel processors. The vulnerability stems from how the guest VM handles translations in the MMU/TLB when paging structures change, potentially exp...
CVE-2022-26373
CVE-2022-26373 concerns Intel processors where non-transparent sharing of return-predictor targets between contexts may allow an authorized local user to disclose information. The provided documents describe this issue as a local-information-disclosure risk but do not specify a vendor patch/versi...
CVE-2021-0116
CVE-2021-0116 is an Intel firmware vulnerability described as an out-of-bounds write in the affected Intel processors’ firmware that could allow a local, privileged escalation. Connected documents confirm the CVE details and provide context across multiple vendor advisories (IBM QRadar, F5 adviso...
CVE-2021-0119
CVE-2021-0119 stems from improper initialization in Intel processor firmware that can allow a local attacker with physical access to escalate privileges. Connected advisories confirm affected platforms (e.g., IBM QRadar appliances M5/M6, certain Oracle/Red Hat/HP/F5-guided deployments) and descri...
CVE-2021-0156
CVE-2021-0156 involves Intel processor firmware and is caused by improper input validation, enabling a local authenticated user to potentially escalate privileges. Public sources in the provided documents indicate vulnerable firmware on specific platforms (e.g., VELOS CX410 and VELOS BX110 blades...
CVE-2022-26343
CVE-2022-26343 concerns improper access control in the BIOS firmware for some Intel processors, enabling local privilege escalation by a privileged user. The connected sources (Intel INTEL-SA-00717 advisory and vendor/Nessus interpretations) describe the issue as a BIOS/firmware level vulnerabili...
CVE-2019-14607
CVE-2019-14607 corresponds to Intel processor vulnerability described as improper conditions check that may allow authenticated local attackers to partially escalate privileges, cause denial of service, or disclose information. Public sources (Intel INTEL-SA-00317) itemize affected families acros...
CVE-2022-21136
CVE-2022-21136 affects Intel Xeon processors and is caused by improper input validation in the processor microarchitectural code, allowing a privileged local user to potentially cause a denial of service. The issue is discussed in multiple advisories (including Intel and F5) and is addressed via ...
CVE-2021-0124
CVE-2021-0124 describes improper access control in Intel processor firmware that could let a privileged user escalate privileges with physical/local access. The vulnerability is documented across multiple sources (NVD entry; IBM QRadar advisories; F5 advisory) and is associated with privilege esc...
CVE-2022-21131
CVE-2022-21131 describes improper access control on some Intel Xeon processors that could allow an authenticated local user to disclose information. The available connected sources confirm this as a local access vulnerability affecting Intel Xeon CPUs and note remediation through microcode update...
CVE-2021-0117
CVE-2021-0117 describes pointer issues in Intel processor firmware that may allow a local attacker to escalate privileges. The vulnerability is rooted in firmware handling, with impacts described as local privilege escalation and, per some sources, possible denial of service or information disclo...
CVE-2021-33124
CVE-2021-33124 refers to an out-of-bounds write in the BIOS authenticated code module for some Intel processors that may allow a privileged local user to escalate privileges. Public advisories (Intel SA-00601) describe this class of BIOS/firmware flaws and recommend applying the latest Intel BIOS...
CVE-2021-0118
CVE-2021-0118 involves an out-of-bounds read in Intel processor firmware that could enable local privilege escalation. Public documents confirm affected surface as Intel processor firmware with local access as the attack vector. IBM and F5 advisories reference this CVE among a family of firmware ...
CVE-2021-0125
CVE-2021-0125 is a confirmed Intel processor firmware vulnerability caused by improper initialization that can enable privilege escalation with physical/local access. Connected sources name affected platforms and vendor advisories; e.g., IBM QRadar M6/M5 firmware lines and IBM Cloud Pak System up...
CVE-2021-33123
CVE-2021-33123 : Improper access control in the BIOS authenticated code module for certain Intel processors may allow a locally authenticated user to escalate privileges. The issue is discussed in the Intel IPU BIOS advisory (INTEL-SA-00601) with CVSS v3.1 base scores reported as high (up to 8.2)...
CVE-2022-43505
The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...
CVE-2019-11136
CVE-2019-11136 affects Intel firmware for Xeon® Scalable Processors (2nd Gen Xeon Scalable and Xeon D Family). Root cause: insufficient access control in system firmware, enabling a locally authenticated attacker to escalate privileges, potentially cause denial of service or information disclosur...
CVE-2021-0159
CVE-2021-0159 concerns Intel BIOS firmware: improper input validation in the BIOS authenticated code module for certain Intel CPUs may allow a local privileged user to escalate privileges. The vulnerability is documented by Intel’s advisory INTEL-SA-00601 (and related Intel security notes) and su...
CVE-2020-0590
CVE-2020-0590 describes improper input validation in BIOS firmware for some Intel processors, potentially allowing privilege escalation via local access for an authenticated user. Public documents identify the vulnerability and note mitigations via BIOS updates. Affected platforms span multiple I...
CVE-2019-11137
CVE-2019-11137 affects Intel firmware in multiple Xeon families (Scalable, D, E5 v4, E7 v4, Atom C Series). Root cause: insufficient input validation in system firmware, enabling a local privileged attacker to escalate privileges, cause denial of service, and disclose information. Affected compon...
CVE-2021-0189
CVE-2021-0189 affects Intel BIOS firmware via a use of out-of-range pointer offset in the BIOS firmware for some Intel processors, enabling potential privilege escalation through local access. The issue is documented across multiple sources (Intel INTEL-SA-00601, NVD entry, and related advisories...
CVE-2019-0152
CVE-2019-0152 refers to insufficient memory protection in System Management Mode (SMM) and Intel TXT for certain Intel Xeon processors, allowing a privileged local attacker to potentially escalate privileges. Public details across connected sources confirm the affected components (SMM and TXT in ...
CVE-2022-32231
CVE-2022-32231 involves improper initialization in the BIOS firmware on certain Intel processors, which may allow a privileged local attacker to escalate privileges. The issue is tied to Intel BIOS firmware affected by INTEL-SA-00717; adversaries could leverage local access to achieve higher priv...