Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-1009
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel MC versions antérieures à 2.3.2 | ||
| Intel | N/A | Intel EMA versions antérieures à 1.7.1 | ||
| Intel | N/A | Intel Quartus Prime Pro edition software versions antérieures à 22.1 | ||
| Intel | N/A | Intel CSME versions antérieures à 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 | ||
| Intel | N/A | Intel PROSet/Wireless WiFi UEFI drivers versions antérieures à 2.2.14.22176 | ||
| Intel | N/A | Intel SPS versions antérieures à SPS_E3_04.01.04.700.0, SPS_E3_06.00.03.035.0 | ||
| Intel | N/A | Intel SDP Tool versions antérieures à 3.0.0 | ||
| Intel | N/A | Intel NUC HDMI Firmware Update Tool pour NUC7i3DN, NUC7i5DN et NUC7i7DN versions antérieures à 1.78.2.0.7. | ||
| Intel | N/A | Intel Advanced Link Analyzer Pro versions antérieures à 22.2 | ||
| Intel | N/A | PresentMon versions antérieures à 1.7.1 | ||
| Intel | N/A | Intel NUC Kit Wireless Adapter driver installer software versions antérieures à 22.40.0 | ||
| Intel | N/A | Intel SGX SDK software pour Linux versions antérieures à 2.18.100.1 | ||
| Intel | N/A | Intel Glorp gaming particle physics demonstration software version 1.0.0 | ||
| Intel | N/A | Les produits Intel vPRO CSME WiFi sans la dernière mise à jour | ||
| Intel | N/A | Intel Advanced Link Analyzer Standrad versions antérieures à 22.1.1 STD | ||
| Intel | N/A | Intel XMM 7560 Modem M.2 sans la dernière mise à jour | ||
| Intel | N/A | Intel Server System R1000WF, R200WF et Intel Server Board S2600WF sans la dernière mise à jour | ||
| Intel | N/A | Intel EMA versions antérieures à 1.8.0 | ||
| Intel | N/A | Intel Server Board M50CYP sans la dernière mise à jour | ||
| Intel | N/A | Intel PROSet/Wireless WiFi versions antérieures à 22.140 | ||
| Intel | N/A | Intel Processors sans la dernière mise à jour | ||
| Intel | N/A | Intel VTune Profiler software versions antérieures à 2022.2.0 | ||
| Intel | N/A | Intel NUC BIOS Firmware sans la dernière mise à jour | ||
| Intel | N/A | Intel Quartus Prime Standard edition software versions antérieures à 21.1 Patch 0.02std | ||
| Intel | N/A | Intel Server Board M10JNP sans la dernière mise à jour | ||
| Intel | N/A | Intel AMT versions antérieures à 11.8.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, 16.0 | ||
| Intel | N/A | Killer WiFi versions antérieures à 3.1122.3158 | ||
| Intel | N/A | Intel Distribution of OpenVINO Toolkit versions antérieures à 2021.4.2 | ||
| Intel | N/A | Intel SGX SDK software pour Windows versions antérieures à 2.17.100.1 | ||
| Intel | N/A | Intel AMT SDK versions antérieures à 16.0.4.1 | ||
| Intel | N/A | Hyperscan library versions antérieures à 5.4.0 | ||
| Intel | N/A | Intel System Studio toutes versions | ||
| Intel | N/A | Intel WAPI Security sans la dernière mise à jour | ||
| Intel | N/A | Intel DCM versions antérieures à 5.0 | ||
| Intel | N/A | Intel Support Android application versions antérieures à 22.02.28 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel MC versions ant\u00e9rieures \u00e0 2.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel EMA versions ant\u00e9rieures \u00e0 1.7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro edition software versions ant\u00e9rieures \u00e0 22.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME versions ant\u00e9rieures \u00e0 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel PROSet/Wireless WiFi UEFI drivers versions ant\u00e9rieures \u00e0 2.2.14.22176",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions ant\u00e9rieures \u00e0 SPS_E3_04.01.04.700.0, SPS_E3_06.00.03.035.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SDP Tool versions ant\u00e9rieures \u00e0 3.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC HDMI Firmware Update Tool pour NUC7i3DN, NUC7i5DN et NUC7i7DN versions ant\u00e9rieures \u00e0 1.78.2.0.7.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Advanced Link Analyzer Pro versions ant\u00e9rieures \u00e0 22.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "PresentMon versions ant\u00e9rieures \u00e0 1.7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC Kit Wireless Adapter driver installer software versions ant\u00e9rieures \u00e0 22.40.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SGX SDK software pour Linux versions ant\u00e9rieures \u00e0 2.18.100.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Glorp gaming particle physics demonstration software version 1.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Les produits Intel vPRO CSME WiFi sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Advanced Link Analyzer Standrad versions ant\u00e9rieures \u00e0 22.1.1 STD",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel XMM 7560 Modem M.2 sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server System R1000WF, R200WF et Intel Server Board S2600WF sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel EMA versions ant\u00e9rieures \u00e0 1.8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board M50CYP sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 22.140",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Processors sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel VTune Profiler software versions ant\u00e9rieures \u00e0 2022.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC BIOS Firmware sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Standard edition software versions ant\u00e9rieures \u00e0 21.1 Patch 0.02std",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board M10JNP sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel AMT versions ant\u00e9rieures \u00e0 11.8.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Killer WiFi versions ant\u00e9rieures \u00e0 3.1122.3158",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution of OpenVINO Toolkit versions ant\u00e9rieures \u00e0 2021.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SGX SDK software pour Windows versions ant\u00e9rieures \u00e0 2.17.100.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel AMT SDK versions ant\u00e9rieures \u00e0 16.0.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Hyperscan library versions ant\u00e9rieures \u00e0 5.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel System Studio toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel WAPI Security sans la derni\u00e8re mise \u00e0 jour",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel DCM versions ant\u00e9rieures \u00e0 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Support Android application versions ant\u00e9rieures \u00e0 22.02.28",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-27233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27233"
},
{
"name": "CVE-2022-27874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27874"
},
{
"name": "CVE-2022-36789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36789"
},
{
"name": "CVE-2022-36380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36380"
},
{
"name": "CVE-2022-33942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33942"
},
{
"name": "CVE-2022-37334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37334"
},
{
"name": "CVE-2022-36349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36349"
},
{
"name": "CVE-2022-38099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38099"
},
{
"name": "CVE-2022-27187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27187"
},
{
"name": "CVE-2022-30548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30548"
},
{
"name": "CVE-2022-26513",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26513"
},
{
"name": "CVE-2022-27497",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27497"
},
{
"name": "CVE-2021-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0185"
},
{
"name": "CVE-2021-33064",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33064"
},
{
"name": "CVE-2022-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21198"
},
{
"name": "CVE-2022-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30691"
},
{
"name": "CVE-2022-36384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36384"
},
{
"name": "CVE-2022-26028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26028"
},
{
"name": "CVE-2022-32569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32569"
},
{
"name": "CVE-2022-25917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25917"
},
{
"name": "CVE-2022-26086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26086"
},
{
"name": "CVE-2022-28126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28126"
},
{
"name": "CVE-2022-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34152"
},
{
"name": "CVE-2022-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26341"
},
{
"name": "CVE-2022-26367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26367"
},
{
"name": "CVE-2022-26006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26006"
},
{
"name": "CVE-2022-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21794"
},
{
"name": "CVE-2022-26508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26508"
},
{
"name": "CVE-2022-33176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33176"
},
{
"name": "CVE-2022-26369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26369"
},
{
"name": "CVE-2022-33973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33973"
},
{
"name": "CVE-2022-26845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26845"
},
{
"name": "CVE-2021-33164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33164"
},
{
"name": "CVE-2021-33159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33159"
},
{
"name": "CVE-2022-37345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37345"
},
{
"name": "CVE-2022-27638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27638"
},
{
"name": "CVE-2022-36367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36367"
},
{
"name": "CVE-2022-36370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36370"
},
{
"name": "CVE-2022-26045",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26045"
},
{
"name": "CVE-2022-26124",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26124"
},
{
"name": "CVE-2022-36400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36400"
},
{
"name": "CVE-2022-28611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28611"
},
{
"name": "CVE-2022-35276",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35276"
},
{
"name": "CVE-2022-36377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36377"
},
{
"name": "CVE-2022-28667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28667"
},
{
"name": "CVE-2022-26079",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26079"
},
{
"name": "CVE-2021-26251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26251"
},
{
"name": "CVE-2022-29486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29486"
},
{
"name": "CVE-2022-26047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26047"
},
{
"name": "CVE-2022-27639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27639"
},
{
"name": "CVE-2022-29515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29515"
},
{
"name": "CVE-2022-29893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29893"
},
{
"name": "CVE-2022-27499",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27499"
},
{
"name": "CVE-2022-30297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30297"
},
{
"name": "CVE-2022-30542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30542"
},
{
"name": "CVE-2022-29466",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29466"
},
{
"name": "CVE-2022-26024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26024"
}
],
"initial_release_date": "2022-11-09T00:00:00",
"last_revision_date": "2022-11-09T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00676 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00715 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00687 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00691 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00695 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00713 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00558 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00711 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00720 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00642 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00716 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00747 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00680 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00699 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00659 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00683 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00708 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00688 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00710 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00689 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00673 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00740 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00610 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"reference": "CERTFR-2022-AVI-1009",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-11-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00752 du 08 novembre 2022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
CVE-2022-21794 (GCVE-0-2022-21794)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits |
Version: before version HN0067 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:12.250622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:25:15.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version HN0067"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:18.494Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21794",
"datePublished": "2022-11-11T15:48:50.809Z",
"dateReserved": "2021-12-09T23:52:03.733Z",
"dateUpdated": "2025-02-05T20:25:15.523Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28667 (GCVE-0-2022-28667)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) PROSet/Wireless WiFi software |
Version: before version 22.140 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:51.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28667",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:11.868494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:44:31.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) PROSet/Wireless WiFi software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.140"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:33.807Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28667",
"datePublished": "2022-11-11T15:49:14.818Z",
"dateReserved": "2022-04-05T15:11:17.487Z",
"dateUpdated": "2025-01-29T20:44:31.734Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26086 (GCVE-0-2022-26086)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | PresentMon software maintained by Intel(R) |
Version: before version 1.7.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:36.083179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:04.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PresentMon software maintained by Intel(R)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:03.947Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26086",
"datePublished": "2022-11-11T15:48:40.264Z",
"dateReserved": "2022-03-02T00:32:53.314Z",
"dateUpdated": "2025-02-05T20:53:04.543Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27499 (GCVE-0-2022-27499)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SGX SDK software |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:55.690142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672 Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:49.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SGX SDK software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:05.311Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27499",
"datePublished": "2022-11-11T15:48:41.249Z",
"dateReserved": "2022-04-05T15:12:32.613Z",
"dateUpdated": "2025-02-05T20:52:49.837Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37345 (GCVE-0-2022-37345)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Kits |
Version: before version RY0386 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:20.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-37345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:15.173444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:25:39.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version RY0386"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:17.807Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-37345",
"datePublished": "2022-11-11T15:48:50.315Z",
"dateReserved": "2022-08-04T03:00:18.871Z",
"dateUpdated": "2025-02-05T20:25:39.927Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26251 (GCVE-0-2021-26251)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Distribution of OpenVINO(TM) Toolkit |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:50.050468Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:20.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Distribution of OpenVINO(TM) Toolkit",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:08.117Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-26251",
"datePublished": "2022-11-11T15:48:43.246Z",
"dateReserved": "2021-11-30T19:40:07.886Z",
"dateUpdated": "2025-02-05T20:52:20.981Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30542 (GCVE-0-2022-30542)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families |
Version: before version R02.01.0014 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:36.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:47.572106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:26:46.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version R02.01.0014"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the firmware for some Intel(R) Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families before version R02.01.0014 may allow a privileged user to potentially enable an escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:25.524Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-30542",
"datePublished": "2022-11-11T15:48:55.893Z",
"dateReserved": "2022-06-09T05:41:11.417Z",
"dateUpdated": "2025-02-05T15:26:46.640Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29466 (GCVE-0-2022-29466)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SPS |
Version: before version SPS_E3_04.01.04.700.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:12.263267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:55.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SPS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version SPS_E3_04.01.04.700.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:59.860Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-29466",
"datePublished": "2022-11-11T15:48:37.244Z",
"dateReserved": "2022-04-20T00:10:11.663Z",
"dateUpdated": "2025-02-05T20:53:55.996Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26024 (GCVE-0-2022-26024)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN |
Version: before version 1.78.2.0.7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26024",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:30.349887Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:45:50.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.78.2.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:33.091Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26024",
"datePublished": "2022-11-11T15:49:14.302Z",
"dateReserved": "2022-03-21T23:31:41.445Z",
"dateUpdated": "2025-01-29T20:45:50.692Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35276 (GCVE-0-2022-35276)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC 8 Compute Elements |
Version: before version CBWHL357.0096 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:01.450203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:39:40.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 8 Compute Elements",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version CBWHL357.0096"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:21.339Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-35276",
"datePublished": "2022-11-11T15:48:52.849Z",
"dateReserved": "2022-08-04T03:00:21.515Z",
"dateUpdated": "2025-02-05T15:39:40.338Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36367 (GCVE-0-2022-36367)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Support Android application |
Version: before version v22.02.28 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:03.824597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:26.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Support Android application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version v22.02.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:01.951Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36367",
"datePublished": "2022-11-11T15:48:38.720Z",
"dateReserved": "2022-07-22T03:00:24.599Z",
"dateUpdated": "2025-02-05T20:53:26.387Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37334 (GCVE-0-2022-37334)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards |
Version: before version TNTGL357.0064 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:20.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-37334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:50.411828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "CWE-665 Improper Initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:28:32.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version TNTGL357.0064"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11 Pro Boards before version TNTGL357.0064 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:24.147Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-37334",
"datePublished": "2022-11-11T15:48:54.894Z",
"dateReserved": "2022-08-04T03:00:21.630Z",
"dateUpdated": "2025-02-05T15:28:32.518Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27638 (GCVE-0-2022-27638)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Advanced Link Analyzer Pro and Standard edition |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:38.761552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:12.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Advanced Link Analyzer Pro and Standard edition",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:03.286Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27638",
"datePublished": "2022-11-11T15:48:39.753Z",
"dateReserved": "2022-04-05T15:12:32.618Z",
"dateUpdated": "2025-02-05T20:53:12.540Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21198 (GCVE-0-2022-21198)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:21.227981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:58:34.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:28.257Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21198",
"datePublished": "2022-11-11T15:49:10.831Z",
"dateReserved": "2022-02-18T21:23:59.775Z",
"dateUpdated": "2025-02-04T17:58:34.848Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26508 (GCVE-0-2022-26508)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SDP Tool |
Version: before version 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26508",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:58.349276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:56.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SDP Tool",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:04.645Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26508",
"datePublished": "2022-11-11T15:48:40.737Z",
"dateReserved": "2022-04-05T15:11:54.342Z",
"dateUpdated": "2025-02-05T20:52:56.345Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28611 (GCVE-0-2022-28611)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:16.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:21.736125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:35.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:11.652Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28611",
"datePublished": "2022-11-11T15:48:45.794Z",
"dateReserved": "2022-04-05T15:11:54.332Z",
"dateUpdated": "2025-02-05T20:47:35.045Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26079 (GCVE-0-2022-26079)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:32.347515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:46:57.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:14.407Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26079",
"datePublished": "2022-11-11T15:48:47.785Z",
"dateReserved": "2022-04-05T15:11:54.308Z",
"dateUpdated": "2025-02-05T20:46:57.179Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36377 (GCVE-0-2022-36377)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-05 14:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-277 - Insecure inherited permissions
Summary
Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs |
Version: before version 22.190.0.3 for Windows |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:33.068945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T14:34:04.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits \u0026 Mini PCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.190.0.3 for Windows"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits \u0026 Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-277",
"description": "Insecure inherited permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T19:04:47.733Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36377",
"datePublished": "2022-11-11T15:49:12.793Z",
"dateReserved": "2022-07-23T03:00:19.782Z",
"dateUpdated": "2025-02-05T14:34:04.206Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32569 (GCVE-0-2022-32569)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC M15 Laptop Kits |
Version: before version BCTGL357.0074 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:44.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32569",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:06.833938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:24:06.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC M15 Laptop Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version BCTGL357.0074"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in BIOS firmware for some Intel(R) NUC M15 Laptop Kits before version BCTGL357.0074 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:19.886Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-32569",
"datePublished": "2022-11-11T15:48:51.816Z",
"dateReserved": "2022-06-09T05:41:11.422Z",
"dateUpdated": "2025-02-05T20:24:06.163Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38099 (GCVE-0-2022-38099)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC 11 Compute Elements |
Version: before version EBTGL357.0065 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:45:52.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:58.783914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:38:43.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 11 Compute Elements",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version EBTGL357.0065"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:22.027Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-38099",
"datePublished": "2022-11-11T15:48:53.346Z",
"dateReserved": "2022-09-27T00:28:29.171Z",
"dateUpdated": "2025-02-05T15:38:43.308Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36400 (GCVE-0-2022-36400)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-04 17:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 |
Version: before version 22.40 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36400",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:41.821049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:17:22.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.40"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:28.974Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36400",
"datePublished": "2022-11-11T15:49:11.323Z",
"dateReserved": "2022-07-24T03:00:08.614Z",
"dateUpdated": "2025-02-04T17:17:22.989Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33064 (GCVE-0-2021-33064)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) System Studio |
Version: all versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-33064",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:27.444847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:44:07.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) System Studio",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:34.498Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33064",
"datePublished": "2022-11-11T15:49:15.307Z",
"dateReserved": "2021-05-18T00:31:17.205Z",
"dateUpdated": "2025-01-29T20:44:07.515Z",
"requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26028 (GCVE-0-2022-26028)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) VTune(TM) Profiler software |
Version: before version 2022.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "intel-sa-00676",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:24.641666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:43:45.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) VTune(TM) Profiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T19:10:43.511Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "intel-sa-00676",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26028",
"datePublished": "2022-11-11T15:49:15.914Z",
"dateReserved": "2022-03-02T00:32:53.323Z",
"dateUpdated": "2025-01-29T20:43:45.423Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27874 (GCVE-0-2022-27874)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:41:10.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27874",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:24.602048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:44.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:10.955Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27874",
"datePublished": "2022-11-11T15:48:45.296Z",
"dateReserved": "2022-04-05T15:11:54.317Z",
"dateUpdated": "2025-02-05T20:47:44.677Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27233 (GCVE-0-2022-27233)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Quartus Prime Pro and Standard edition software |
Version: See reference |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:25:32.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:52.827622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-91",
"description": "CWE-91 XML Injection (aka Blind XPath Injection)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:28.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Quartus Prime Pro and Standard edition software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See reference"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-07T16:09:01.371Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27233",
"datePublished": "2022-11-11T15:48:42.749Z",
"dateReserved": "2022-03-21T23:31:41.486Z",
"dateUpdated": "2025-02-05T20:52:28.158Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27497 (GCVE-0-2022-27497)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT |
Version: before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27497",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:55.451083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:25.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) AMT",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:57.796Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27497",
"datePublished": "2022-11-11T15:48:35.754Z",
"dateReserved": "2022-04-20T00:10:11.670Z",
"dateUpdated": "2025-02-05T20:54:25.497Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36380 (GCVE-0-2022-36380)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-04 17:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 |
Version: before version 22.40 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:35.940781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:17:51.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.40"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:30.329Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36380",
"datePublished": "2022-11-11T15:49:12.259Z",
"dateReserved": "2022-07-24T03:00:08.635Z",
"dateUpdated": "2025-02-04T17:17:51.283Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25917 (GCVE-0-2022-25917)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-05 15:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board M50CYP Family |
Version: before version R01.01.0005 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:23.793114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:07:59.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board M50CYP Family",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version R01.01.0005"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:26.898Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-25917",
"datePublished": "2022-11-11T15:49:09.844Z",
"dateReserved": "2022-03-02T00:32:11.621Z",
"dateUpdated": "2025-02-05T15:07:59.835Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26845 (GCVE-0-2022-26845)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT |
Version: before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26845",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:44.275582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:33.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) AMT",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:57.128Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26845",
"datePublished": "2022-11-11T15:48:35.294Z",
"dateReserved": "2022-04-05T15:12:32.582Z",
"dateUpdated": "2025-02-05T20:54:33.714Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26369 (GCVE-0-2022-26369)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:40.719783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:27.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:12.335Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26369",
"datePublished": "2022-11-11T15:48:46.271Z",
"dateReserved": "2022-04-05T15:11:17.500Z",
"dateUpdated": "2025-02-05T20:47:27.877Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36349 (GCVE-0-2022-36349)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2024-08-03 10:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards and Intel(R) NUC Kits |
Version: before version MYi30060 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards and Intel(R) NUC Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version MYi30060"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:24.847Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36349",
"datePublished": "2022-11-11T15:48:55.398Z",
"dateReserved": "2022-07-28T03:00:22.224Z",
"dateUpdated": "2024-08-03T10:00:04.279Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36370 (GCVE-0-2022-36370)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards and Intel(R) NUC Kits |
Version: before version MYi30060 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:53.311241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:37:41.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards and Intel(R) NUC Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version MYi30060"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:23.440Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36370",
"datePublished": "2022-11-11T15:48:54.374Z",
"dateReserved": "2022-07-24T03:00:08.592Z",
"dateUpdated": "2025-02-05T15:37:41.825Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36384 (GCVE-0-2022-36384)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-04 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 |
Version: before version 22.40 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:38.932349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:30:03.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(r) NUC Kit Wireless Adapter drivers for Windows 10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.40"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:29.636Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36384",
"datePublished": "2022-11-11T15:49:11.789Z",
"dateReserved": "2022-07-24T03:00:08.603Z",
"dateUpdated": "2025-02-04T17:30:03.148Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33973 (GCVE-0-2022-33973)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 21:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
Summary
Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) WAPI Security software for Windows 10/11 |
Version: before version 22.2150.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:16.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-33973",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:18.314675Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T21:12:46.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) WAPI Security software for Windows 10/11",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.2150.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:31.720Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-33973",
"datePublished": "2022-11-11T15:49:13.303Z",
"dateReserved": "2022-06-19T03:00:05.172Z",
"dateUpdated": "2025-01-29T21:12:46.660Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34152 (GCVE-0-2022-34152)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards, Intel(R) NUC Kits |
Version: before version TY0070 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:09.361001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:24:48.008Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards, Intel(R) NUC Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version TY0070"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:19.173Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-34152",
"datePublished": "2022-11-11T15:48:51.318Z",
"dateReserved": "2022-08-04T03:00:21.387Z",
"dateUpdated": "2025-02-05T20:24:48.008Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26047 (GCVE-0-2022-26047)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-01-29 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:14.927228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T20:50:12.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:32.386Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26047",
"datePublished": "2022-11-11T15:49:13.792Z",
"dateReserved": "2022-04-05T15:11:17.482Z",
"dateUpdated": "2025-01-29T20:50:12.842Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26513 (GCVE-0-2022-26513)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26513",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:43.642576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:56.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:10.272Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26513",
"datePublished": "2022-11-11T15:48:44.749Z",
"dateReserved": "2022-04-05T15:11:54.328Z",
"dateUpdated": "2025-02-05T20:47:56.987Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29515 (GCVE-0-2022-29515)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SPS |
Version: before versions SPS_E3_06.00.03.035.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:09.231213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:46.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SPS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before versions SPS_E3_06.00.03.035.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:00.527Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-29515",
"datePublished": "2022-11-11T15:48:37.745Z",
"dateReserved": "2022-05-11T04:14:45.493Z",
"dateUpdated": "2025-02-05T20:53:46.770Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29893 (GCVE-0-2022-29893)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT |
Version: before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:33:43.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29893",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:41.640882Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:17.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) AMT",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:58.507Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-29893",
"datePublished": "2022-11-11T15:48:36.224Z",
"dateReserved": "2022-05-11T04:14:45.489Z",
"dateUpdated": "2025-02-05T20:54:17.483Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30691 (GCVE-0-2022-30691)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Support Android application |
Version: before version 22.02.28 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:13.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:06.510872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:35.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Support Android application",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 22.02.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:01.233Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-30691",
"datePublished": "2022-11-11T15:48:38.235Z",
"dateReserved": "2022-06-18T03:00:05.778Z",
"dateUpdated": "2025-02-05T20:53:35.282Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36789 (GCVE-0-2022-36789)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs |
Version: before version FNCML357.0053 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:14:28.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:04.119010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:23:34.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version FNCML357.0053"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BIOS firmware for some Intel(R) NUC 10 Performance Kits and Intel(R) NUC 10 Performance Mini PCs before version FNCML357.0053 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:20.561Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-36789",
"datePublished": "2022-11-11T15:48:52.320Z",
"dateReserved": "2022-08-04T03:00:18.750Z",
"dateUpdated": "2025-02-05T20:23:34.877Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30297 (GCVE-0-2022-30297)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) EMA software |
Version: before version 1.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:34.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:01.179365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:53:20.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) EMA software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:02.617Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-30297",
"datePublished": "2022-11-11T15:48:39.241Z",
"dateReserved": "2022-06-18T03:00:05.751Z",
"dateUpdated": "2025-02-05T20:53:20.086Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0185 (GCVE-0-2021-0185)
Vulnerability from cvelistv5
Published
2022-11-10 22:00
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in the firmware for some Intel(R) Server Board M10JNP Family before version 7.216 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Server Board M10JNP Family |
Version: before version 7.216 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:10.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-0185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:49.994709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:54.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Server Board M10JNP Family",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 7.216"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the firmware for some Intel(R) Server Board M10JNP Family before version 7.216 may allow a privileged user to potentially enable an escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:26.228Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0185",
"datePublished": "2022-11-10T22:00:30.829Z",
"dateReserved": "2020-10-22T00:00:00.000Z",
"dateUpdated": "2025-02-05T20:54:54.654Z",
"requesterUserId": "b10c23db-d69c-4177-8d87-267a354894ff",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26045 (GCVE-0-2022-26045)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26045",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:26.674792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:46:38.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:15.785Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26045",
"datePublished": "2022-11-11T15:48:48.801Z",
"dateReserved": "2022-04-05T15:11:54.322Z",
"dateUpdated": "2025-02-05T20:46:38.739Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30548 (GCVE-0-2022-30548)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Glorp software |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:36.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:33.267169Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:42.780Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Glorp software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:06.010Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-30548",
"datePublished": "2022-11-11T15:48:41.760Z",
"dateReserved": "2022-05-11T04:17:14.560Z",
"dateUpdated": "2025-02-05T20:52:42.780Z",
"requesterUserId": "18e72eb2-8568-4e08-88e2-81b49c53dae3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26006 (GCVE-0-2022-26006)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-05 15:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:44.675417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:07:26.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:27.567Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26006",
"datePublished": "2022-11-11T15:49:10.339Z",
"dateReserved": "2022-03-02T00:32:11.634Z",
"dateUpdated": "2025-02-05T15:07:26.963Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26124 (GCVE-0-2022-26124)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 15:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits |
Version: before version CHAPLCEL.0059 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:40:56.095759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:38:15.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version CHAPLCEL.0059"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:22.730Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26124",
"datePublished": "2022-11-11T15:48:53.869Z",
"dateReserved": "2022-03-02T00:32:11.638Z",
"dateUpdated": "2025-02-05T15:38:15.857Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33176 (GCVE-0-2022-33176)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs |
Version: before version PATGL357.0042 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:01:20.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-33176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:19.103976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:26:09.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version PATGL357.0042"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:17.149Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-33176",
"datePublished": "2022-11-11T15:48:49.818Z",
"dateReserved": "2022-06-17T20:54:11.154Z",
"dateUpdated": "2025-02-05T20:26:09.926Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33942 (GCVE-0-2022-33942)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) DCM software |
Version: before version 5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:15.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-33942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:27.267713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:11.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) DCM software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:08.833Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-33942",
"datePublished": "2022-11-11T15:48:43.742Z",
"dateReserved": "2022-06-17T20:54:11.143Z",
"dateUpdated": "2025-02-05T20:52:11.139Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29486 (GCVE-0-2022-29486)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Hyperscan library maintained by Intel(R) |
Version: all versions downloaded before 04/29/2022 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:06.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:47.143773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:48:07.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hyperscan library maintained by Intel(R)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions downloaded before 04/29/2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:09.522Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-29486",
"datePublished": "2022-11-11T15:48:44.247Z",
"dateReserved": "2022-04-20T00:10:11.699Z",
"dateUpdated": "2025-02-05T20:48:07.001Z",
"requesterUserId": "e1538295-92a9-4bd5-bb63-88a76fc3a35c",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27187 (GCVE-0-2022-27187)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Quartus Prime Standard edition software |
Version: before version 21.1 Patch 0.02std |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:25:31.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:30.350318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:52:35.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Quartus Prime Standard edition software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 21.1 Patch 0.02std"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-07T04:31:45.250Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27187",
"datePublished": "2022-11-11T15:48:42.269Z",
"dateReserved": "2022-04-05T15:11:17.474Z",
"dateUpdated": "2025-02-05T20:52:35.658Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26341 (GCVE-0-2022-26341)
Vulnerability from cvelistv5
Published
2022-11-11 15:47
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT SDK, Intel(R) EMA and Intel(R) MC |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:41:47.226197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:43.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) AMT SDK, Intel(R) EMA and Intel(R) MC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:56.083Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26341",
"datePublished": "2022-11-11T15:47:12.330Z",
"dateReserved": "2022-04-05T15:11:17.462Z",
"dateUpdated": "2025-02-05T20:54:43.309Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27639 (GCVE-0-2022-27639)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27639",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:29.532787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459 Incomplete Cleanup",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:46:47.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:15.117Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-27639",
"datePublished": "2022-11-11T15:48:48.279Z",
"dateReserved": "2022-04-05T15:11:54.304Z",
"dateUpdated": "2025-02-05T20:46:47.989Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33164 (GCVE-0-2021-33164)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2024-08-03 23:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) NUCs |
Version: before version INWHL357.0046 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:20.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/434994"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:bios_firmware:intel_r_nucs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "intel_r_nucs",
"vendor": "bios_firmware",
"versions": [
{
"lessThan": "nwhl357.0046",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-33164",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:30:53.127167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:47:52.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) NUCs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version INWHL357.0046"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:16.495Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33164",
"datePublished": "2022-11-11T15:48:49.297Z",
"dateReserved": "2021-05-18T00:31:17.250Z",
"dateUpdated": "2024-08-03T23:42:20.052Z",
"requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33159 (GCVE-0-2021-33159)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT |
Version: before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:20.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-33159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:39:15.361042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:54:08.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) AMT",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:45:59.209Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33159",
"datePublished": "2022-11-11T15:48:36.704Z",
"dateReserved": "2021-05-18T00:31:17.246Z",
"dateUpdated": "2025-02-05T20:54:08.124Z",
"requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28126 (GCVE-0-2022-28126)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:37.937111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:19.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:13.002Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28126",
"datePublished": "2022-11-11T15:48:46.764Z",
"dateReserved": "2022-04-05T15:11:54.313Z",
"dateUpdated": "2025-02-05T20:47:19.981Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26367 (GCVE-0-2022-26367)
Vulnerability from cvelistv5
Published
2022-11-11 15:48
Modified
2025-02-05 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) XMM(TM) 7560 Modem software |
Version: before version M2_7560_R_01.2146.00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:35.041407Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:47:12.300Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) XMM(TM) 7560 Modem software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version M2_7560_R_01.2146.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:13.685Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26367",
"datePublished": "2022-11-11T15:48:47.217Z",
"dateReserved": "2022-04-05T15:11:54.299Z",
"dateUpdated": "2025-02-05T20:47:12.300Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…