Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-446
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Intel | N/A | Intel RealSense ID F450 et F455 sans le dernier correctif de sécurité | ||
Intel | N/A | Intel Optane DC Persistent Memory for Windows versions antérieures à 2.00.00.3842 et 1.00.00.3515 | ||
Intel | N/A | Intel VTune Profiler versions antérieures à 2021.1.1 | ||
Intel | N/A | Intel SGX (se référer au bulletin de sécurité intel-sa-00477 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | les produits Intel Wireless Bluetooth et Killer Bluetooth (se référer au bulletin de sécurité intel-sa-00520 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | Intel SSD Data Center Tool versions téléchargées avant le 31 décembre 2020, Intel recommande de remplacer cet outil par Intel Memory and Storage Tool (MAS) for SSD | ||
Intel | N/A | Intel NUC M15 Laptop Kit Driver Pack versions antérieures à 1.1 | ||
Intel | N/A | Intel Rapid Storage Technology versions antérieures à 17.9.1.1009.5, 18.0.3.1148.4 et 18.1.0.1028.2 | ||
Intel | N/A | les processeurs Intel (se référer aux bulletins de sécurité intel-sa-00442, intel-sa-00463, intel-sa-00521, intel-sa-00459, intel-sa-00464, intel-sa-00465, intel-sa-00500 et intel-sa-00516 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | les versions du noyau Linux antérieures à 5.13 qui supportent BlueZ | ||
Intel | N/A | Intel Processor Diagnostic Tool versions antérieures à 4.1.5.37 | ||
Intel | N/A | les pilotes WiFi Intel ProSet/Wireless versions antérieures à 22.0 | ||
Intel | N/A | Intel Computing Improvement Program versions antérieures à 2.4.6522 | ||
Intel | N/A | Intel DSA versions antérieures à 20.11.50.9 | ||
Intel | N/A | les pilotes Intel NUC 9 Extreme Laptop Kit LAN versions antérieures à 10.45 | ||
Intel | N/A | Intel Server Board M10JNP2SB sans la mise à jour comprenant EFI BIOS 7215 et BMC 8100.01.08 | ||
Intel | N/A | Intel Unite Client pour Windows versions antérieures à 4.2.25031 | ||
Intel | N/A | Intel Thunderbolt (se référer au bulletin de sécurité intel-sa-00401 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | Intel Brand Verification Tool versions antérieures à 11.0.0.1225 | ||
Intel | N/A | Intel Server System gammes R1000WF et R2000WF, Server Board gamme S2600WF, Server Board gamme S2600ST, Compute Module gamme HNS2600BP et Server Board gamme S2600BP versions antérieures à 2.48.ce3e3bd2 | ||
Intel | N/A | Intel NUC (se référer au bulletin de sécurité intel-sa-00511 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | les pilotes FPGA OPAE pour Linux (se référer au bulletin de sécurité intel-sa-00440 de l'éditeur, cf. section Documentation) | ||
Intel | N/A | Intel IPP versions antérieures à 2020 update 1 |
References
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Intel RealSense ID F450 et F455 sans le dernier correctif de s\u00e9curit\u00e9", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Optane DC Persistent Memory for Windows versions ant\u00e9rieures \u00e0 2.00.00.3842 et 1.00.00.3515", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel VTune Profiler versions ant\u00e9rieures \u00e0 2021.1.1", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel SGX (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 intel-sa-00477 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les produits Intel Wireless Bluetooth et Killer Bluetooth (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 intel-sa-00520 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel SSD Data Center Tool versions t\u00e9l\u00e9charg\u00e9es avant le 31 d\u00e9cembre 2020, Intel recommande de remplacer cet outil par Intel Memory and Storage Tool (MAS) for SSD", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel NUC M15 Laptop Kit Driver Pack versions ant\u00e9rieures \u00e0 1.1", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Rapid Storage Technology versions ant\u00e9rieures \u00e0 17.9.1.1009.5, 18.0.3.1148.4 et 18.1.0.1028.2", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les processeurs Intel (se r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 intel-sa-00442, intel-sa-00463, intel-sa-00521, intel-sa-00459, intel-sa-00464, intel-sa-00465, intel-sa-00500 et intel-sa-00516 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les versions du noyau Linux ant\u00e9rieures \u00e0 5.13 qui supportent BlueZ", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Processor Diagnostic Tool versions ant\u00e9rieures \u00e0 4.1.5.37", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les pilotes WiFi Intel ProSet/Wireless versions ant\u00e9rieures \u00e0 22.0", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.4.6522", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel DSA versions ant\u00e9rieures \u00e0 20.11.50.9", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les pilotes Intel NUC 9 Extreme Laptop Kit LAN versions ant\u00e9rieures \u00e0 10.45", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Server Board M10JNP2SB sans la mise \u00e0 jour comprenant EFI BIOS 7215 et BMC 8100.01.08", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Unite Client pour Windows versions ant\u00e9rieures \u00e0 4.2.25031", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Thunderbolt (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 intel-sa-00401 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Brand Verification Tool versions ant\u00e9rieures \u00e0 11.0.0.1225", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel Server System gammes R1000WF et R2000WF, Server Board gamme S2600WF, Server Board gamme S2600ST, Compute Module gamme HNS2600BP et Server Board gamme S2600BP versions ant\u00e9rieures \u00e0 2.48.ce3e3bd2", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel NUC (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 intel-sa-00511 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "les pilotes FPGA OPAE pour Linux (se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 intel-sa-00440 de l\u0027\u00e9diteur, cf. section Documentation)", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } }, { "description": "Intel IPP versions ant\u00e9rieures \u00e0 2020 update 1", "product": { "name": "N/A", "vendor": { "name": "Intel", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2021-0090", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0090" }, { "name": "CVE-2020-24516", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24516" }, { "name": "CVE-2020-12288", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12288" }, { "name": "CVE-2020-8700", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8700" }, { "name": "CVE-2020-24474", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24474" }, { "name": "CVE-2021-0134", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0134" }, { "name": "CVE-2021-0094", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0094" }, { "name": "CVE-2021-0086", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0086" }, { "name": "CVE-2020-12289", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12289" }, { "name": "CVE-2020-12293", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12293" }, { "name": "CVE-2021-0089", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0089" }, { "name": "CVE-2021-0051", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0051" }, { "name": "CVE-2020-12292", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12292" }, { "name": "CVE-2021-0098", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0098" }, { "name": "CVE-2021-0095", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0095" }, { "name": "CVE-2021-0052", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0052" }, { "name": "CVE-2020-12291", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12291" }, { "name": "CVE-2020-12360", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12360" }, { "name": "CVE-2021-0073", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0073" }, { "name": "CVE-2021-0056", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0056" }, { "name": "CVE-2021-0132", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0132" }, { "name": "CVE-2021-0001", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0001" }, { "name": "CVE-2020-8703", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8703" }, { "name": "CVE-2021-0100", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0100" }, { "name": "CVE-2020-12357", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12357" }, { "name": "CVE-2021-0129", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0129" }, { "name": "CVE-2020-24475", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24475" }, { "name": "CVE-2020-8702", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8702" }, { "name": "CVE-2021-0058", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0058" }, { "name": "CVE-2021-0097", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0097" }, { "name": "CVE-2020-24513", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24513" }, { "name": "CVE-2020-24514", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24514" }, { "name": "CVE-2021-0104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0104" }, { "name": "CVE-2021-0108", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0108" }, { "name": "CVE-2020-24473", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24473" }, { "name": "CVE-2020-24507", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24507" }, { "name": "CVE-2021-0070", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0070" }, { "name": "CVE-2020-12358", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12358" }, { "name": "CVE-2020-24509", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24509" }, { "name": "CVE-2020-26558", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26558" }, { "name": "CVE-2021-0106", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0106" }, { "name": "CVE-2020-12290", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12290" }, { "name": "CVE-2021-0057", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0057" }, { "name": "CVE-2020-24485", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24485" }, { "name": "CVE-2021-0113", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0113" }, { "name": "CVE-2020-8670", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8670" }, { "name": "CVE-2020-24515", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24515" }, { "name": "CVE-2020-8704", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8704" }, { "name": "CVE-2020-12296", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12296" }, { "name": "CVE-2021-0102", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0102" }, { "name": "CVE-2020-12294", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12294" }, { "name": "CVE-2020-12295", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12295" }, { "name": "CVE-2021-0101", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0101" }, { "name": "CVE-2020-12359", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12359" }, { "name": "CVE-2021-0077", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0077" }, { "name": "CVE-2021-0105", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0105" }, { "name": "CVE-2020-24486", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24486" }, { "name": "CVE-2021-0131", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0131" }, { "name": "CVE-2021-0067", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0067" }, { "name": "CVE-2020-24506", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24506" }, { "name": "CVE-2020-24512", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24512" }, { "name": "CVE-2021-0074", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0074" }, { "name": "CVE-2020-26555", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26555" }, { "name": "CVE-2021-24489", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24489" }, { "name": "CVE-2020-24511", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24511" }, { "name": "CVE-2021-0055", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0055" }, { "name": "CVE-2021-0133", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0133" }, { "name": "CVE-2021-0112", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0112" }, { "name": "CVE-2021-0054", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0054" } ], "initial_release_date": "2021-06-09T00:00:00", "last_revision_date": "2021-06-09T00:00:00", "links": [], "reference": "CERTFR-2021-AVI-446", "revisions": [ { "description": "Version initiale", "revision_date": "2021-06-09T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00516 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00463 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00510 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00506 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00505 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00505.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00545 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00545.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00520 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00442 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00477 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00476 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00472 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00530 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00458 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00521 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00401 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00440 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00440.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00507 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00459 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00541 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00474 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00500 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00518 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00518.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00546 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00517 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00511 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00537 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00537.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00465 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00460 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00464 du 08 juin 2021", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" } ] }
CVE-2020-24475 (GCVE-0-2020-24475)
Vulnerability from cvelistv5
Published
2021-06-09 19:01
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.48.ce3e3bd2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:08.742Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Boards, Server Systems and Compute Modules", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2.48.ce3e3bd2" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:01:50", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24475", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Boards, Server Systems and Compute Modules", "version": { "version_data": [ { "version_value": "before version 2.48.ce3e3bd2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24475", "datePublished": "2021-06-09T19:01:50", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:08.742Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-26558 (GCVE-0-2020-26558)
Vulnerability from cvelistv5
Published
2021-05-24 17:22
Modified
2024-08-04 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
References
URL | Tags | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:56:04.444Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "name": "DSA-4951", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-29T16:07:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "name": "DSA-4951", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202209-16" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-26558", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/", "refsource": "MISC", "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "name": "https://kb.cert.org/vuls/id/799380", "refsource": "MISC", "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "name": "DSA-4951", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202209-16" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-26558", "datePublished": "2021-05-24T17:22:16", "dateReserved": "2020-10-04T00:00:00", "dateUpdated": "2024-08-04T15:56:04.444Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12295 (GCVE-0-2020-12295)
Vulnerability from cvelistv5
Published
2021-06-09 18:37
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.453Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:37:41", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12295", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12295", "datePublished": "2021-06-09T18:37:41", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.453Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0129 (GCVE-0-2021-0129)
Vulnerability from cvelistv5
Published
2021-06-09 19:50
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.439Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210716-0002/" }, { "name": "DSA-4951", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "BlueZ", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-29T16:07:23", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210716-0002/" }, { "name": "DSA-4951", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202209-16" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0129", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "BlueZ", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" }, { "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210716-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210716-0002/" }, { "name": "DSA-4951", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4951" }, { "name": "GLSA-202209-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202209-16" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0129", "datePublished": "2021-06-09T19:50:59", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.439Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0095 (GCVE-0-2021-0095)
Vulnerability from cvelistv5
Published
2021-06-09 18:50
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210625-0009/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-25T05:06:15", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210625-0009/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0095", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210625-0009/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210625-0009/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0095", "datePublished": "2021-06-09T18:50:47", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.787Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12289 (GCVE-0-2020-12289)
Vulnerability from cvelistv5
Published
2021-06-09 18:42
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:48:58.553Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:42:50", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12289", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12289", "datePublished": "2021-06-09T18:42:50", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:48:58.553Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24514 (GCVE-0-2020-24514)
Vulnerability from cvelistv5
Published
2021-06-09 18:48
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) RealSense(TM) IDs |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:08.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) RealSense(TM) IDs", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:48:55", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24514", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) RealSense(TM) IDs", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24514", "datePublished": "2021-06-09T18:48:55", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:08.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0054 (GCVE-0-2021-0054)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUCs |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.859Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUCs", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:07:39", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0054", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUCs", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0054", "datePublished": "2021-06-09T19:07:39", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.859Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24516 (GCVE-0-2020-24516)
Vulnerability from cvelistv5
Published
2021-06-09 18:47
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) CSME versions |
Version: versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210625-0008/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) CSME versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22" } ] } ], "descriptions": [ { "lang": "en", "value": "Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-25T05:06:20", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210625-0008/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24516", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) CSME versions", "version": { "version_data": [ { "version_value": "versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210625-0008/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210625-0008/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24516", "datePublished": "2021-06-09T18:47:56", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0051 (GCVE-0-2021-0051)
Vulnerability from cvelistv5
Published
2021-06-09 19:02
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) SPS versions |
Version: versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.883Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210716-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) SPS versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-16T10:06:35", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210716-0001/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0051", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) SPS versions", "version": { "version_data": [ { "version_value": "versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210716-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210716-0001/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0051", "datePublished": "2021-06-09T19:02:01", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12360 (GCVE-0-2020-12360)
Vulnerability from cvelistv5
Published
2021-06-09 18:53
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:51.566Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:44", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12360", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12360", "datePublished": "2021-06-09T18:53:39", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:51.566Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24485 (GCVE-0-2020-24485)
Vulnerability from cvelistv5
Published
2021-02-17 13:35
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) FPGA OPAE Driver for Linux |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.225Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00440.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) FPGA OPAE Driver for Linux", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:42:59", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00440.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24485", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) FPGA OPAE Driver for Linux", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00440.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00440.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24485", "datePublished": "2021-02-17T13:35:56", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.225Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0105 (GCVE-0-2021-0105)
Vulnerability from cvelistv5
Published
2021-06-09 19:00
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure and denial of service
Summary
Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) ProSet/Wireless WiFi drivers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.121Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) ProSet/Wireless WiFi drivers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure and denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:00:03", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0105", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) ProSet/Wireless WiFi drivers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi drivers may allow an authenticated user to potentially enable information disclosure and denial of service via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure and denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00472.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0105", "datePublished": "2021-06-09T19:00:03", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12294 (GCVE-0-2020-12294)
Vulnerability from cvelistv5
Published
2021-06-09 18:37
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Insufficient control flow management in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Insufficient control flow management in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:37:35", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12294", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insufficient control flow management in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12294", "datePublished": "2021-06-09T18:37:35", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24515 (GCVE-0-2020-24515)
Vulnerability from cvelistv5
Published
2021-06-09 18:48
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Protection mechanism failure in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) RealSense(TM) IDs |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:08.963Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) RealSense(TM) IDs", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Protection mechanism failure in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:48:48", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24515", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) RealSense(TM) IDs", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Protection mechanism failure in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00460.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24515", "datePublished": "2021-06-09T18:48:48", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:08.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12290 (GCVE-0-2020-12290)
Vulnerability from cvelistv5
Published
2021-06-09 18:42
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper access control in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:42:38", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12290", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper access control in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12290", "datePublished": "2021-06-09T18:42:38", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0112 (GCVE-0-2021-0112)
Vulnerability from cvelistv5
Published
2021-06-09 19:02
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel Unite(R) Client for Windows |
Version: before version 4.2.25031 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.169Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel Unite(R) Client for Windows", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.2.25031" } ] } ], "descriptions": [ { "lang": "en", "value": "Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:02:13", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0112", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel Unite(R) Client for Windows", "version": { "version_data": [ { "version_value": "before version 4.2.25031" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0112", "datePublished": "2021-06-09T19:02:13", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.169Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8700 (GCVE-0-2020-8700)
Vulnerability from cvelistv5
Published
2021-06-09 18:50
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:03:46.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-02T11:06:27", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-8700", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-8700", "datePublished": "2021-06-09T18:50:30", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2024-08-04T10:03:46.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0090 (GCVE-0-2021-0090)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) DSA |
Version: before version 20.11.50.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:02.006Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) DSA", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 20.11.50.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:07:28", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0090", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) DSA", "version": { "version_data": [ { "version_value": "before version 20.11.50.9" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0090", "datePublished": "2021-06-09T19:07:28", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:02.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24489 (GCVE-0-2021-24489)
Vulnerability from cvelistv5
Published
2021-10-25 13:20
Modified
2024-08-03 19:35
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Request a Quote |
Version: 0 < 2.3.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:35:20.198Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description", "x_transferred" ], "url": "https://wpscan.com/vulnerability/36e8efe8-b29f-4c9e-9dd5-3e317aa43e0c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "product": "Request a Quote", "vendor": "Unknown", "versions": [ { "lessThan": "2.3.9", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "coordinator", "value": "WPScan" } ], "descriptions": [ { "lang": "en", "value": "The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-05T07:51:30.396Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/36e8efe8-b29f-4c9e-9dd5-3e317aa43e0c" } ], "source": { "discovery": "EXTERNAL" }, "title": "Request a Quote \u003c 2.3.9 - Admin+ Stored Cross-Site Scripting", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24489", "datePublished": "2021-10-25T13:20:38", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:35:20.198Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12292 (GCVE-0-2020-12292)
Vulnerability from cvelistv5
Published
2021-06-09 18:42
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper conditions check in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper conditions check in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:42:29", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12292", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper conditions check in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12292", "datePublished": "2021-06-09T18:42:29", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0056 (GCVE-0-2021-0056)
Vulnerability from cvelistv5
Published
2021-06-09 19:05
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUC M15 Laptop Kit Driver Pack software |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.750Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:09", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0056", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0056", "datePublished": "2021-06-09T19:05:09", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.750Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0097 (GCVE-0-2021-0097)
Vulnerability from cvelistv5
Published
2021-06-09 19:00
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Board M10JNP2SB |
Version: before version EFI BIOS 7215, BMC 8100.01.08 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.828Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Board M10JNP2SB", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } ], "descriptions": [ { "lang": "en", "value": "Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:00:29", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0097", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Board M10JNP2SB", "version": { "version_data": [ { "version_value": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0097", "datePublished": "2021-06-09T19:00:29", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.828Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12296 (GCVE-0-2020-12296)
Vulnerability from cvelistv5
Published
2021-06-09 18:37
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.462Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:37:48", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12296", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12296", "datePublished": "2021-06-09T18:37:48", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0074 (GCVE-0-2021-0074)
Vulnerability from cvelistv5
Published
2021-06-09 19:11
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Computing Improvement Program software |
Version: before version 2.4.5982 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.805Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Computing Improvement Program software", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2.4.5982" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:11:07", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0074", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Computing Improvement Program software", "version": { "version_data": [ { "version_value": "before version 2.4.5982" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0074", "datePublished": "2021-06-09T19:11:07", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.805Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0101 (GCVE-0-2021-0101)
Vulnerability from cvelistv5
Published
2021-06-09 19:00
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server BoardM10JNP2SB |
Version: before version EFI BIOS 7215, BMC 8100.01.08 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.222Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server BoardM10JNP2SB", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:00:09", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0101", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server BoardM10JNP2SB", "version": { "version_data": [ { "version_value": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0101", "datePublished": "2021-06-09T19:00:09", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.222Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0108 (GCVE-0-2021-0108)
Vulnerability from cvelistv5
Published
2021-06-09 19:04
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel Unite(R) Client for Windows |
Version: before version 4.2.25031 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.221Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel Unite(R) Client for Windows", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.2.25031" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:04:58", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0108", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel Unite(R) Client for Windows", "version": { "version_data": [ { "version_value": "before version 4.2.25031" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0108", "datePublished": "2021-06-09T19:04:58", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0055 (GCVE-0-2021-0055)
Vulnerability from cvelistv5
Published
2021-06-09 19:02
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers |
Version: before version 10.42 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00505.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 10.42" } ] } ], "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:02:07", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00505.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0055", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers", "version": { "version_data": [ { "version_value": "before version 10.42" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00505.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00505.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0055", "datePublished": "2021-06-09T19:02:07", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.624Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0089 (GCVE-0-2021-0089)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.908Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/10" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/11" }, { "name": "DSA-4931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4931" }, { "name": "FEDORA-2021-41d4347447", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" }, { "name": "GLSA-202107-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202107-30" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-12T04:06:28", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/10" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/11" }, { "name": "DSA-4931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4931" }, { "name": "FEDORA-2021-41d4347447", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" }, { "name": "GLSA-202107-30", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202107-30" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0089", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/10/10" }, { "name": "[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/10/11" }, { "name": "DSA-4931", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4931" }, { "name": "FEDORA-2021-41d4347447", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" }, { "name": "GLSA-202107-30", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-30" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0089", "datePublished": "2021-06-09T19:07:54", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24506 (GCVE-0-2020-24506)
Vulnerability from cvelistv5
Published
2021-06-09 18:48
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) CSME versions |
Version: versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.020Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) CSME versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:33", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24506", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) CSME versions", "version": { "version_data": [ { "version_value": "versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24506", "datePublished": "2021-06-09T18:48:44", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.020Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8702 (GCVE-0-2020-8702)
Vulnerability from cvelistv5
Published
2021-06-09 18:47
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processor Diagnostic Tool |
Version: before version 4.1.5.37 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:03:46.364Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processor Diagnostic Tool", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.1.5.37" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:47:29", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-8702", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processor Diagnostic Tool", "version": { "version_data": [ { "version_value": "before version 4.1.5.37" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00458.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-8702", "datePublished": "2021-06-09T18:47:29", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2024-08-04T10:03:46.364Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0001 (GCVE-0-2021-0001)
Vulnerability from cvelistv5
Published
2021-06-09 19:01
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) IPP |
Version: before version 2020 update 1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.810Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) IPP", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2020 update 1" } ] } ], "descriptions": [ { "lang": "en", "value": "Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:01:55", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) IPP", "version": { "version_data": [ { "version_value": "before version 2020 update 1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00477.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0001", "datePublished": "2021-06-09T19:01:55", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24486 (GCVE-0-2020-24486)
Vulnerability from cvelistv5
Published
2021-06-09 18:53
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.087Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:37", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24486", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24486", "datePublished": "2021-06-09T18:53:45", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.087Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12288 (GCVE-0-2020-12288)
Vulnerability from cvelistv5
Published
2021-06-09 18:42
Modified
2024-08-04 11:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Protection mechanism failure in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:48:58.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Protection mechanism failure in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:42:44", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12288", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Protection mechanism failure in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12288", "datePublished": "2021-06-09T18:42:44", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:48:58.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0077 (GCVE-0-2021-0077)
Vulnerability from cvelistv5
Published
2021-06-09 19:09
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) VTune(TM) Profiler |
Version: before version 2021.1.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.882Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00518.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) VTune(TM) Profiler", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2021.1.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:09:57", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00518.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0077", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) VTune(TM) Profiler", "version": { "version_data": [ { "version_value": "before version 2021.1.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00518.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00518.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0077", "datePublished": "2021-06-09T19:09:57", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24511 (GCVE-0-2020-24511)
Vulnerability from cvelistv5
Published
2021-06-09 18:53
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.012Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:39", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24511", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24511", "datePublished": "2021-06-09T18:53:53", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.012Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0086 (GCVE-0-2021-0086)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Brand Verification Tool |
Version: before version 11.0.0.1225 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.839Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210608 Xen Security Advisory 375 v2 (CVE-2021-0089) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/08/7" }, { "name": "[oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "FEDORA-2021-41d4347447", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Brand Verification Tool", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 11.0.0.1225" } ] } ], "descriptions": [ { "lang": "en", "value": "Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-17T11:20:05", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210608 Xen Security Advisory 375 v2 (CVE-2021-0089) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/08/7" }, { "name": "[oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "FEDORA-2021-41d4347447", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0086", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Brand Verification Tool", "version": { "version_data": [ { "version_value": "before version 11.0.0.1225" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00516.html" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210608 Xen Security Advisory 375 v2 (CVE-2021-0089) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/08/7" }, { "name": "[oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html" }, { "name": "[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1" }, { "name": "FEDORA-2021-41d4347447", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV/" }, { "name": "FEDORA-2021-993693c914", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0086", "datePublished": "2021-06-09T19:07:45", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.839Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-26555 (GCVE-0-2020-26555)
Vulnerability from cvelistv5
Published
2021-05-24 17:41
Modified
2024-08-04 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:56:04.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-08T17:06:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-26555", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/", "refsource": "MISC", "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/" }, { "name": "https://kb.cert.org/vuls/id/799380", "refsource": "MISC", "url": "https://kb.cert.org/vuls/id/799380" }, { "name": "FEDORA-2021-a35b44fd9f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-26555", "datePublished": "2021-05-24T17:41:15", "dateReserved": "2020-10-04T00:00:00", "dateUpdated": "2024-08-04T15:56:04.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24473 (GCVE-0-2020-24473)
Vulnerability from cvelistv5
Published
2021-06-09 19:01
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.48.ce3e3bd2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:08.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Boards, Server Systems and Compute Modules", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2.48.ce3e3bd2" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:01:45", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24473", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Boards, Server Systems and Compute Modules", "version": { "version_data": [ { "version_value": "before version 2.48.ce3e3bd2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24473", "datePublished": "2021-06-09T19:01:45", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:08.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0131 (GCVE-0-2021-0131)
Vulnerability from cvelistv5
Published
2021-06-09 19:10
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Security Library |
Version: before version 3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.249Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Security Library", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:10:41", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0131", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Security Library", "version": { "version_data": [ { "version_value": "before version 3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable information disclosure via network access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0131", "datePublished": "2021-06-09T19:10:41", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0102 (GCVE-0-2021-0102)
Vulnerability from cvelistv5
Published
2021-06-09 19:05
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel Unite(R) Client for Windows |
Version: before version 4.2.25031 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel Unite(R) Client for Windows", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.2.25031" } ] } ], "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:04", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0102", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel Unite(R) Client for Windows", "version": { "version_data": [ { "version_value": "before version 4.2.25031" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0102", "datePublished": "2021-06-09T19:05:04", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.040Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0133 (GCVE-0-2021-0133)
Vulnerability from cvelistv5
Published
2021-06-09 19:10
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Key exchange without entity authentication in the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Security Library |
Version: before version 3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.927Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Security Library", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Key exchange without entity authentication in the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:10:04", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0133", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Security Library", "version": { "version_data": [ { "version_value": "before version 3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Key exchange without entity authentication in the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0133", "datePublished": "2021-06-09T19:10:04", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.927Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0058 (GCVE-0-2021-0058)
Vulnerability from cvelistv5
Published
2021-06-09 19:05
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUC M15 Laptop Kit Driver Pack software |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:20", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0058", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0058", "datePublished": "2021-06-09T19:05:20", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.787Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0134 (GCVE-0-2021-0134)
Vulnerability from cvelistv5
Published
2021-06-09 19:10
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Security Library |
Version: before version 3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.716Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Security Library", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:10:59", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0134", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Security Library", "version": { "version_data": [ { "version_value": "before version 3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0134", "datePublished": "2021-06-09T19:10:59", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.716Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12357 (GCVE-0-2020-12357)
Vulnerability from cvelistv5
Published
2021-06-09 18:49
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:51.310Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:41", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12357", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12357", "datePublished": "2021-06-09T18:49:02", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:51.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8704 (GCVE-0-2020-8704)
Vulnerability from cvelistv5
Published
2021-06-09 18:47
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) LMS versions |
Version: versions before 2039.1.0.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:03:46.322Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) LMS versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 2039.1.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:35", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-8704", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) LMS versions", "version": { "version_data": [ { "version_value": "versions before 2039.1.0.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-8704", "datePublished": "2021-06-09T18:47:41", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2024-08-04T10:03:46.322Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24509 (GCVE-0-2020-24509)
Vulnerability from cvelistv5
Published
2021-06-09 18:47
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) SPS versions |
Version: versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.090Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) SPS versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-11T10:06:11", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0003/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24509", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) SPS versions", "version": { "version_data": [ { "version_value": "versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insufficient control flow management in subsystem in Intel(R) SPS versions before SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, or SPS_E5_04.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0003/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24509", "datePublished": "2021-06-09T18:47:35", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.090Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12293 (GCVE-0-2020-12293)
Vulnerability from cvelistv5
Published
2021-06-09 18:37
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper control of a resource through its lifetime in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper control of a resource through its lifetime in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:37:28", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12293", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper control of a resource through its lifetime in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12293", "datePublished": "2021-06-09T18:37:28", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8670 (GCVE-0-2020-8670)
Vulnerability from cvelistv5
Published
2021-06-09 18:50
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:03:46.319Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:22", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-8670", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-8670", "datePublished": "2021-06-09T18:50:23", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2024-08-04T10:03:46.319Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8703 (GCVE-0-2020-8703)
Vulnerability from cvelistv5
Published
2021-06-09 18:48
Modified
2024-08-04 10:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) CSME versions |
Version: versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:03:46.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) CSME versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:31", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-8703", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) CSME versions", "version": { "version_data": [ { "version_value": "versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-8703", "datePublished": "2021-06-09T18:48:39", "dateReserved": "2020-02-06T00:00:00", "dateUpdated": "2024-08-04T10:03:46.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0057 (GCVE-0-2021-0057)
Vulnerability from cvelistv5
Published
2021-06-09 19:05
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUC M15 Laptop Kit Driver Pack software |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.874Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:15", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0057", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUC M15 Laptop Kit Driver Pack software", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00507.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0057", "datePublished": "2021-06-09T19:05:15", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.874Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0094 (GCVE-0-2021-0094)
Vulnerability from cvelistv5
Published
2021-06-09 19:05
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) DSA |
Version: before version 20.11.50.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) DSA", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 20.11.50.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:26", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0094", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) DSA", "version": { "version_data": [ { "version_value": "before version 20.11.50.9" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0094", "datePublished": "2021-06-09T19:05:26", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0098 (GCVE-0-2021-0098)
Vulnerability from cvelistv5
Published
2021-06-09 19:04
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel Unite(R) Client for Windows |
Version: before version 4.2.25031 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.891Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel Unite(R) Client for Windows", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.2.25031" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:04:53", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0098", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel Unite(R) Client for Windows", "version": { "version_data": [ { "version_value": "before version 4.2.25031" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00506.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0098", "datePublished": "2021-06-09T19:04:53", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.891Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0100 (GCVE-0-2021-0100)
Vulnerability from cvelistv5
Published
2021-06-09 19:12
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) SSD Data Center Tool, versions downloaded |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.002Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00537.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) SSD Data Center Tool, versions downloaded", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:12:54", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00537.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0100", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) SSD Data Center Tool, versions downloaded", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00537.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00537.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0100", "datePublished": "2021-06-09T19:12:54", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.002Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0106 (GCVE-0-2021-0106)
Vulnerability from cvelistv5
Published
2021-06-09 19:13
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Optane(TM) DC Persistent Memory for Windows software versions |
Version: versions before 2.00.00.3842 or 1.00.00.3515 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.127Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Optane(TM) DC Persistent Memory for Windows software versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 2.00.00.3842 or 1.00.00.3515" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:13:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Optane(TM) DC Persistent Memory for Windows software versions", "version": { "version_data": [ { "version_value": "versions before 2.00.00.3842 or 1.00.00.3515" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00541.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0106", "datePublished": "2021-06-09T19:13:01", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.127Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0113 (GCVE-0-2021-0113)
Vulnerability from cvelistv5
Published
2021-06-09 19:00
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Board M10JNP2SB |
Version: before version EFI BIOS 7215, BMC 8100.01.08 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.177Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Board M10JNP2SB", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:00:22", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0113", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Board M10JNP2SB", "version": { "version_data": [ { "version_value": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0113", "datePublished": "2021-06-09T19:00:22", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.177Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0104 (GCVE-0-2021-0104)
Vulnerability from cvelistv5
Published
2021-06-09 19:13
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Rapid Storage Technology software, |
Version: before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.032Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00545.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Rapid Storage Technology software,", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24," } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:13:10", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00545.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0104", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Rapid Storage Technology software,", "version": { "version_data": [ { "version_value": "before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24," } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00545.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00545.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0104", "datePublished": "2021-06-09T19:13:10", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.032Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12358 (GCVE-0-2020-12358)
Vulnerability from cvelistv5
Published
2021-06-09 18:50
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:51.411Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:24", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12358", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12358", "datePublished": "2021-06-09T18:50:41", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:51.411Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0073 (GCVE-0-2021-0073)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) DSA |
Version: before version 20.11.50.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) DSA", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 20.11.50.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:07:22", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0073", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) DSA", "version": { "version_data": [ { "version_value": "before version 20.11.50.9" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00510.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0073", "datePublished": "2021-06-09T19:07:22", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0070 (GCVE-0-2021-0070)
Vulnerability from cvelistv5
Published
2021-06-09 19:00
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Board M10JNP2SB |
Version: before version EFI BIOS 7215, BMC 8100.01.08 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:02.007Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Board M10JNP2SB", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:00:16", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0070", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Board M10JNP2SB", "version": { "version_data": [ { "version_value": "before version EFI BIOS 7215, BMC 8100.01.08" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable an escalation of privilege via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00474.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0070", "datePublished": "2021-06-09T19:00:16", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:02.007Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0067 (GCVE-0-2021-0067)
Vulnerability from cvelistv5
Published
2021-06-09 19:07
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) NUCs |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.820Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) NUCs", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:07:34", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0067", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) NUCs", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "\u0026nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00511.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0067", "datePublished": "2021-06-09T19:07:34", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.820Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12291 (GCVE-0-2020-12291)
Vulnerability from cvelistv5
Published
2021-06-09 18:37
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Thunderbolt(TM) controllers |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:50.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Thunderbolt(TM) controllers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T18:37:54", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12291", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Thunderbolt(TM) controllers", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00401.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12291", "datePublished": "2021-06-09T18:37:54", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:50.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24474 (GCVE-0-2020-24474)
Vulnerability from cvelistv5
Published
2021-06-09 19:01
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Server Boards, Server Systems and Compute Modules |
Version: before version 2.48.ce3e3bd2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.228Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Server Boards, Server Systems and Compute Modules", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2.48.ce3e3bd2" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:01:40", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24474", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Server Boards, Server Systems and Compute Modules", "version": { "version_data": [ { "version_value": "before version 2.48.ce3e3bd2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24474", "datePublished": "2021-06-09T19:01:40", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24513 (GCVE-0-2020-24513)
Vulnerability from cvelistv5
Published
2021-06-09 18:54
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel Atom(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:08.752Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel Atom(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:29", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24513", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel Atom(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html" }, { "name": "DSA-4934", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24513", "datePublished": "2021-06-09T18:54:08", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:08.752Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24507 (GCVE-0-2020-24507)
Vulnerability from cvelistv5
Published
2021-06-09 18:47
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) CSME versions |
Version: versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.009Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) CSME versions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:27", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24507", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) CSME versions", "version": { "version_data": [ { "version_value": "versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00459.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0004/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24507", "datePublished": "2021-06-09T18:47:46", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.009Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-24512 (GCVE-0-2020-24512)
Vulnerability from cvelistv5
Published
2021-06-09 18:53
Modified
2024-08-04 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:12:09.097Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "information disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-10T11:06:20", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24512", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210611-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210611-0005/" }, { "name": "DSA-4934", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4934" }, { "name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24512", "datePublished": "2021-06-09T18:53:59", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.097Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0052 (GCVE-0-2021-0052)
Vulnerability from cvelistv5
Published
2021-06-09 19:12
Modified
2024-08-03 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n escalation of privilege
Summary
Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Computing Improvement Program |
Version: before version 2.4.6522 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:25:01.803Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Computing Improvement Program", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2.4.6522" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ], "problemTypes": [ { "descriptions": [ { "description": "n escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:12:45", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0052", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Computing Improvement Program", "version": { "version_data": [ { "version_value": "before version 2.4.6522" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00530.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0052", "datePublished": "2021-06-09T19:12:45", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:25:01.803Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0132 (GCVE-0-2021-0132)
Vulnerability from cvelistv5
Published
2021-06-09 19:10
Modified
2024-08-03 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Missing release of resource after effective lifetime in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access.
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Security Library |
Version: before version 3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:09.216Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Security Library", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Missing release of resource after effective lifetime in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access." } ], "problemTypes": [ { "descriptions": [ { "description": "denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:10:13", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-0132", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Security Library", "version": { "version_data": [ { "version_value": "before version 3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Missing release of resource after effective lifetime in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00521.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-0132", "datePublished": "2021-06-09T19:10:13", "dateReserved": "2020-10-22T00:00:00", "dateUpdated": "2024-08-03T15:32:09.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12359 (GCVE-0-2020-12359)
Vulnerability from cvelistv5
Published
2021-06-09 18:50
Modified
2024-08-04 11:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) Processors |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:56:51.555Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intel(R) Processors", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-02T11:06:23", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2020-12359", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) Processors", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "escalation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00463.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210702-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0002/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-12359", "datePublished": "2021-06-09T18:50:35", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2024-08-04T11:56:51.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…