18 matches found
CVE-2021-0116
CVE-2021-0116 is an Intel firmware vulnerability described as an out-of-bounds write in the affected Intel processors’ firmware that could allow a local, privileged escalation. Connected documents confirm the CVE details and provide context across multiple vendor advisories (IBM QRadar, F5 adviso...
CVE-2021-0119
CVE-2021-0119 stems from improper initialization in Intel processor firmware that can allow a local attacker with physical access to escalate privileges. Connected advisories confirm affected platforms (e.g., IBM QRadar appliances M5/M6, certain Oracle/Red Hat/HP/F5-guided deployments) and descri...
CVE-2021-0156
CVE-2021-0156 involves Intel processor firmware and is caused by improper input validation, enabling a local authenticated user to potentially escalate privileges. Public sources in the provided documents indicate vulnerable firmware on specific platforms (e.g., VELOS CX410 and VELOS BX110 blades...
CVE-2022-26343
CVE-2022-26343 concerns improper access control in the BIOS firmware for some Intel processors, enabling local privilege escalation by a privileged user. The connected sources (Intel INTEL-SA-00717 advisory and vendor/Nessus interpretations) describe the issue as a BIOS/firmware level vulnerabili...
CVE-2022-21136
CVE-2022-21136 affects Intel Xeon processors and is caused by improper input validation in the processor microarchitectural code, allowing a privileged local user to potentially cause a denial of service. The issue is discussed in multiple advisories (including Intel and F5) and is addressed via ...
CVE-2021-0124
CVE-2021-0124 describes improper access control in Intel processor firmware that could let a privileged user escalate privileges with physical/local access. The vulnerability is documented across multiple sources (NVD entry; IBM QRadar advisories; F5 advisory) and is associated with privilege esc...
CVE-2022-21131
CVE-2022-21131 describes improper access control on some Intel Xeon processors that could allow an authenticated local user to disclose information. The available connected sources confirm this as a local access vulnerability affecting Intel Xeon CPUs and note remediation through microcode update...
CVE-2022-38087
CVE-2022-38087 is described in Intel’s advisory as a BIOS firmware issue for some Intel processors that may allow a privileged local user to cause information disclosure. The Intel SA-00807 entry explicitly documents CVE-2022-38087 with a CVSS v3.1 base score of 4.1 (AV:L/AC:H/PR:H/UI:N/S:U/C:H/I...
CVE-2021-0117
CVE-2021-0117 describes pointer issues in Intel processor firmware that may allow a local attacker to escalate privileges. The vulnerability is rooted in firmware handling, with impacts described as local privilege escalation and, per some sources, possible denial of service or information disclo...
CVE-2019-0151
CVE-2019-0151 describes insufficient memory protection in Intel TXT for certain Intel Core and Xeon processors, potentially enabling privilege escalation via local access. The Intel INTEL-SA-00240 advisory (and related IBM/Lenovo advisories) confirm affected platforms and advise applying firmware...
CVE-2021-0118
CVE-2021-0118 involves an out-of-bounds read in Intel processor firmware that could enable local privilege escalation. Public documents confirm affected surface as Intel processor firmware with local access as the attack vector. IBM and F5 advisories reference this CVE among a family of firmware ...
CVE-2021-0125
CVE-2021-0125 is a confirmed Intel processor firmware vulnerability caused by improper initialization that can enable privilege escalation with physical/local access. Connected sources name affected platforms and vendor advisories; e.g., IBM QRadar M6/M5 firmware lines and IBM Cloud Pak System up...
CVE-2022-43505
The CVE-2022-43505 issue affects Intel BIOS firmware due to Insufficient control flow management in the BIOS, which may allow a privileged local user to cause a denial of service. Intel’s INTEL-SA-00813 advisory and associated feeds describe vulnerable BIOS implementations and list affected Intel...
CVE-2019-11136
CVE-2019-11136 affects Intel firmware for Xeon® Scalable Processors (2nd Gen Xeon Scalable and Xeon D Family). Root cause: insufficient access control in system firmware, enabling a locally authenticated attacker to escalate privileges, potentially cause denial of service or information disclosur...
CVE-2020-0590
CVE-2020-0590 describes improper input validation in BIOS firmware for some Intel processors, potentially allowing privilege escalation via local access for an authenticated user. Public documents identify the vulnerability and note mitigations via BIOS updates. Affected platforms span multiple I...
CVE-2019-11137
CVE-2019-11137 affects Intel firmware in multiple Xeon families (Scalable, D, E5 v4, E7 v4, Atom C Series). Root cause: insufficient input validation in system firmware, enabling a local privileged attacker to escalate privileges, cause denial of service, and disclose information. Affected compon...
CVE-2019-0152
CVE-2019-0152 refers to insufficient memory protection in System Management Mode (SMM) and Intel TXT for certain Intel Xeon processors, allowing a privileged local attacker to potentially escalate privileges. Public details across connected sources confirm the affected components (SMM and TXT in ...
CVE-2022-32231
CVE-2022-32231 involves improper initialization in the BIOS firmware on certain Intel processors, which may allow a privileged local attacker to escalate privileges. The issue is tied to Intel BIOS firmware affected by INTEL-SA-00717; adversaries could leverage local access to achieve higher priv...