18 matches found
CVE-2023-23908
CVE-2023-23908 remains an information-disclosure risk tied to improper access control in some 3rd Gen Intel Xeon Scalable processors. Connected advisories indicate mitigations via microcode updates. Notable remediation references across sources include: Debian security advisories (intel-microcode...
CVE-2022-41804
CVE-2022-41804 describes unauthorized error injection in Intel SGX or Intel TDX on some Intel Xeon CPUs that could enable local privilege escalation. Public sources (Intel advisory INTEL-SA-00837 and Debian/Cloud Foundry advisories) confirm the vulnerability and provide mitigations. Affected prod...
CVE-2022-21216
CVE-2022-21216 centers on insufficient granularity of access control in out-of-band management for certain Intel Atom/Xeon processors, potentially enabling privilege escalation via adjacent network access. Connected sources corroborate the issue across Linux advisories and vendor intel-microcode ...
CVE-2023-23583
CVE-2023-23583 is an Intel microcode issue where mishandling of certain sequences of processor instructions on Intel Ice Lake and newer CPUs may allow a local attacker to escalate privileges, disclose information, or cause denial of service. Publicly documented impact and mitigations come from mu...
CVE-2022-21151
CVE-2022-21151 involves Intel processors where optimization/removal of security-critical code in the processor microcode can allow an authenticated local attacker to cause information disclosure. Affected vectors are local access with low attack complexity and no user interaction. Public docs con...
CVE-2022-38090
CVE-2022-38090 is listed across multiple advisories (Debian DLA, ALAS, ALAS2, Cloud Foundry USN, Astra Linux) as part of Intel microcode vulnerabilities. The core issue is improper isolation of shared resources on Intel processors when using Intel SGX, potentially enabling information disclosure ...
CVE-2022-33196
CVE-2022-33196 is an Intel microcode issue described as: Incorrect default permissions in memory controller configurations on some Intel Xeon processors when using Intel SGX, potentially enabling privilege escalation via local access. Connected sources confirm affected components and mitigations ...
CVE-2021-33124
CVE-2021-33124 refers to an out-of-bounds write in the BIOS authenticated code module for some Intel processors that may allow a privileged local user to escalate privileges. Public advisories (Intel SA-00601) describe this class of BIOS/firmware flaws and recommend applying the latest Intel BIOS...
CVE-2022-33972
CVE-2022-33972 concerns Intel microcode on some 3rd Gen Xeon Scalable processors. The root cause is an incorrect calculation in the microcode keying mechanism, which may allow a privileged local user to disclose information. Public records in connected docs confirm this CVE and cite Intel’s advis...
CVE-2021-33123
CVE-2021-33123 : Improper access control in the BIOS authenticated code module for certain Intel processors may allow a locally authenticated user to escalate privileges. The issue is discussed in the Intel IPU BIOS advisory (INTEL-SA-00601) with CVSS v3.1 base scores reported as high (up to 8.2)...
CVE-2022-43505
The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...
CVE-2021-0159
CVE-2021-0159 concerns Intel BIOS firmware: improper input validation in the BIOS authenticated code module for certain Intel CPUs may allow a local privileged user to escalate privileges. The vulnerability is documented by Intel’s advisory INTEL-SA-00601 (and related Intel security notes) and su...
CVE-2022-26837
CVE-2022-26837 is a vulnerability in the BIOS firmware of some Intel processors caused by improper input validation, enabling a locally authenticated attacker to potentially escalate privileges. Intel’s INTEL-SA-00717 advisory maps this CVE to affected families (e.g., 3rd Gen Xeon Scalable, Xeon ...
CVE-2021-0187
CVE-2021-0187 is an Intel BIOS firmware vulnerability caused by improper access control, potentially enabling privilege escalation via local access. Affected are some Intel processors; exploitation is local with high privileges required and can impact confidentiality, integrity, and availability ...
CVE-2022-30539
CVE-2022-30539 is a use-after-free vulnerability in the BIOS firmware for some Intel processors that may allow a privileged local attacker to escalate privileges. The Intel advisory INTEL-SA-00717 documents this issue alongside other BIOS-related CVEs, lists affected Intel processors, and recomme...
CVE-2022-32231
CVE-2022-32231 involves improper initialization in the BIOS firmware on certain Intel processors, which may allow a privileged local attacker to escalate privileges. The issue is tied to Intel BIOS firmware affected by INTEL-SA-00717; adversaries could leverage local access to achieve higher priv...
CVE-2021-33060
CVE-2021-33060 is an Intel BIOS/IPU vulnerability causing an out-of-bounds write in BIOS firmware that could let an authenticated local user escalate privileges. The Intel advisory (INTEL-SA-00686) lists affected products as certain 3rd Gen Intel Xeon Scalable Processors and Intel IPU BIOS, with ...
CVE-2021-0186
CVE-2021-0186 involves an improper input validation in Intel\u00ae SGX SDK applications compiled for SGX2-enabled processors that could allow local privilege escalation. The Intel advisory (INTEL-SA-00548) confirms affected products: Intel SGX SDK for Windows <= v2.12 and Linux