Lucene search
K
IntelXeon Platinum 8358 Firmware

18 matches found

CVE
CVE
added 2023/08/11 2:37 a.m.347 views

CVE-2023-23908

CVE-2023-23908 remains an information-disclosure risk tied to improper access control in some 3rd Gen Intel Xeon Scalable processors. Connected advisories indicate mitigations via microcode updates. Notable remediation references across sources include: Debian security advisories (intel-microcode...

6CVSS4.8AI score0.00308EPSS
CVE
CVE
added 2023/08/11 2:37 a.m.334 views

CVE-2022-41804

CVE-2022-41804 describes unauthorized error injection in Intel SGX or Intel TDX on some Intel Xeon CPUs that could enable local privilege escalation. Public sources (Intel advisory INTEL-SA-00837 and Debian/Cloud Foundry advisories) confirm the vulnerability and provide mitigations. Affected prod...

7.2CVSS6.5AI score0.00312EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.206 views

CVE-2022-21216

CVE-2022-21216 centers on insufficient granularity of access control in out-of-band management for certain Intel Atom/Xeon processors, potentially enabling privilege escalation via adjacent network access. Connected sources corroborate the issue across Linux advisories and vendor intel-microcode ...

7.5CVSS6.5AI score0.00539EPSS
CVE
CVE
added 2023/11/14 7:4 p.m.183 views

CVE-2023-23583

CVE-2023-23583 is an Intel microcode issue where mishandling of certain sequences of processor instructions on Intel Ice Lake and newer CPUs may allow a local attacker to escalate privileges, disclose information, or cause denial of service. Publicly documented impact and mitigations come from mu...

8.8CVSS7.5AI score0.01728EPSS
CVE
CVE
added 2022/05/12 4:36 p.m.181 views

CVE-2022-21151

CVE-2022-21151 involves Intel processors where optimization/removal of security-critical code in the processor microcode can allow an authenticated local attacker to cause information disclosure. Affected vectors are local access with low attack complexity and no user interaction. Public docs con...

5.5CVSS5.2AI score0.00347EPSS
CVE
CVE
added 2023/02/16 8:0 p.m.177 views

CVE-2022-38090

CVE-2022-38090 is listed across multiple advisories (Debian DLA, ALAS, ALAS2, Cloud Foundry USN, Astra Linux) as part of Intel microcode vulnerabilities. The core issue is improper isolation of shared resources on Intel processors when using Intel SGX, potentially enabling information disclosure ...

6CVSS4.2AI score0.00249EPSS
CVE
CVE
added 2023/02/16 8:0 p.m.172 views

CVE-2022-33196

CVE-2022-33196 is an Intel microcode issue described as: Incorrect default permissions in memory controller configurations on some Intel Xeon processors when using Intel SGX, potentially enabling privilege escalation via local access. Connected sources confirm affected components and mitigations ...

7.2CVSS6.4AI score0.00213EPSS
CVE
CVE
added 2022/05/12 4:36 p.m.109 views

CVE-2021-33124

CVE-2021-33124 refers to an out-of-bounds write in the BIOS authenticated code module for some Intel processors that may allow a privileged local user to escalate privileges. Public advisories (Intel SA-00601) describe this class of BIOS/firmware flaws and recommend applying the latest Intel BIOS...

7.2CVSS6.3AI score0.00252EPSS
CVE
CVE
added 2023/02/16 8:0 p.m.109 views

CVE-2022-33972

CVE-2022-33972 concerns Intel microcode on some 3rd Gen Xeon Scalable processors. The root cause is an incorrect calculation in the microcode keying mechanism, which may allow a privileged local user to disclose information. Public records in connected docs confirm this CVE and cite Intel’s advis...

6.1CVSS4.3AI score0.0022EPSS
CVE
CVE
added 2022/05/12 4:36 p.m.102 views

CVE-2021-33123

CVE-2021-33123 : Improper access control in the BIOS authenticated code module for certain Intel processors may allow a locally authenticated user to escalate privileges. The issue is discussed in the Intel IPU BIOS advisory (INTEL-SA-00601) with CVSS v3.1 base scores reported as high (up to 8.2)...

7.8CVSS7.4AI score0.00253EPSS
CVE
CVE
added 2023/08/11 2:37 a.m.100 views

CVE-2022-43505

The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...

4.4CVSS4.3AI score0.00158EPSS
CVE
CVE
added 2022/05/12 4:36 p.m.91 views

CVE-2021-0159

CVE-2021-0159 concerns Intel BIOS firmware: improper input validation in the BIOS authenticated code module for certain Intel CPUs may allow a local privileged user to escalate privileges. The vulnerability is documented by Intel’s advisory INTEL-SA-00601 (and related Intel security notes) and su...

7.8CVSS7.4AI score0.00259EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.86 views

CVE-2022-26837

CVE-2022-26837 is a vulnerability in the BIOS firmware of some Intel processors caused by improper input validation, enabling a locally authenticated attacker to potentially escalate privileges. Intel’s INTEL-SA-00717 advisory maps this CVE to affected families (e.g., 3rd Gen Xeon Scalable, Xeon ...

7.5CVSS7.2AI score0.00223EPSS
CVE
CVE
added 2023/02/16 12:0 a.m.85 views

CVE-2021-0187

CVE-2021-0187 is an Intel BIOS firmware vulnerability caused by improper access control, potentially enabling privilege escalation via local access. Affected are some Intel processors; exploitation is local with high privileges required and can impact confidentiality, integrity, and availability ...

8.2CVSS8AI score0.00213EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.81 views

CVE-2022-30539

CVE-2022-30539 is a use-after-free vulnerability in the BIOS firmware for some Intel processors that may allow a privileged local attacker to escalate privileges. The Intel advisory INTEL-SA-00717 documents this issue alongside other BIOS-related CVEs, lists affected Intel processors, and recomme...

7.5CVSS7AI score0.00211EPSS
CVE
CVE
added 2023/02/16 7:59 p.m.77 views

CVE-2022-32231

CVE-2022-32231 involves improper initialization in the BIOS firmware on certain Intel processors, which may allow a privileged local attacker to escalate privileges. The issue is tied to Intel BIOS firmware affected by INTEL-SA-00717; adversaries could leverage local access to achieve higher priv...

7.5CVSS6.5AI score0.00211EPSS
CVE
CVE
added 2022/08/18 7:58 p.m.73 views

CVE-2021-33060

CVE-2021-33060 is an Intel BIOS/IPU vulnerability causing an out-of-bounds write in BIOS firmware that could let an authenticated local user escalate privileges. The Intel advisory (INTEL-SA-00686) lists affected products as certain 3rd Gen Intel Xeon Scalable Processors and Intel IPU BIOS, with ...

7.8CVSS7.7AI score0.00251EPSS
CVE
CVE
added 2021/11/17 7:45 p.m.61 views

CVE-2021-0186

CVE-2021-0186 involves an improper input validation in Intel\u00ae SGX SDK applications compiled for SGX2-enabled processors that could allow local privilege escalation. The Intel advisory (INTEL-SA-00548) confirms affected products: Intel SGX SDK for Windows <= v2.12 and Linux

6.7CVSS6.6AI score0.0032EPSS