Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0213
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel Local Manageability Service versions antérieures à 2316.5.1.2. | ||
| Intel | N/A | Intel Xeon D | ||
| Intel | N/A | Processor Bus Lock | ||
| Intel | N/A | Intel CSME software installer versions antérieures à 2328.5.5.0. | ||
| Intel | N/A | Bios | ||
| Intel | N/A | Intel Xeon de 3ème et 4ème génération | ||
| Intel | N/A | Intel SPS versions antérieures à SPS_E5_04.04.04.500.0 ou SPS_E5_06.01.02.048.0. |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Local Manageability Service versions ant\u00e9rieures \u00e0 2316.5.1.2.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon D",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processor Bus Lock",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CSME software installer versions ant\u00e9rieures \u00e0 2328.5.5.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Bios",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon de 3\u00e8me et 4\u00e8me g\u00e9n\u00e9ration",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel SPS versions ant\u00e9rieures \u00e0 SPS_E5_04.04.04.500.0 ou SPS_E5_06.01.02.048.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32666",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32666"
},
{
"name": "CVE-2023-27502",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27502"
},
{
"name": "CVE-2023-35191",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35191"
},
{
"name": "CVE-2023-32633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32633"
},
{
"name": "CVE-2023-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38575"
},
{
"name": "CVE-2023-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32282"
},
{
"name": "CVE-2023-43490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43490"
},
{
"name": "CVE-2023-22655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22655"
},
{
"name": "CVE-2023-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39368"
},
{
"name": "CVE-2023-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28389"
}
],
"initial_release_date": "2024-03-13T00:00:00",
"last_revision_date": "2024-03-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0213",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Intel\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00923 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00982 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01045 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00986 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00960 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00972 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00929 du 12 mars 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html"
}
]
}
CVE-2023-35191 (GCVE-0-2023-35191)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
- CWE-400 - Uncontrolled resource consumption
Summary
Uncontrolled resource consumption for some Intel(R) SPS firmware versions may allow a privileged user to potentially enable denial of service via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) SPS firmware versions |
Version: See references |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T17:45:23.579667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:08.924Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) SPS firmware versions",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption for some Intel(R) SPS firmware versions may allow a privileged user to potentially enable denial of service via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-400",
"description": "Uncontrolled resource consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T09:05:58.441Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0005/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35191",
"datePublished": "2024-03-14T16:45:47.845Z",
"dateReserved": "2023-06-17T03:00:02.662Z",
"dateUpdated": "2025-02-13T16:55:49.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27502 (GCVE-0-2023-27502)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2024-08-02 12:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
- CWE-532 - Insertion of sensitive information into log file
Summary
Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Local Manageability Service software |
Version: before version 2316.5.1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:33:39.723040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:51.209Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Local Manageability Service software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2316.5.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-532",
"description": "Insertion of sensitive information into log file",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T16:45:49.763Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27502",
"datePublished": "2024-03-14T16:45:49.763Z",
"dateReserved": "2023-03-08T04:00:03.653Z",
"dateUpdated": "2024-08-02T12:16:35.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32633 (GCVE-0-2023-32633)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2024-08-02 15:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-20 - Improper input validation
Summary
Improper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME installer software |
Version: before version 2328.5.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:23:06.058885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:25.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) CSME installer software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2328.5.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper input validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T16:45:49.120Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-32633",
"datePublished": "2024-03-14T16:45:49.120Z",
"dateReserved": "2023-06-06T03:00:04.981Z",
"dateUpdated": "2024-08-02T15:25:36.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22655 (GCVE-0-2023-22655)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 16:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-693 - Protection mechanism failure
Summary
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:3rd_gen_intel_xeon_scalable_processor_family:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "3rd_gen_intel_xeon_scalable_processor_family",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:xeon_d_processor:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xeon_d_processor",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_generation_intel_xeon_platinum_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_generation_intel_xeon_platinum_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_generation_intel_xeon_gold_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_generation_intel_xeon_gold_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_scalable_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_scalable_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_platinum_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_platinum_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_gold_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_gold_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_silver_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_silver_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_bronze_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_bronze_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:xeon_cpu_max_series_processors:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xeon_cpu_max_series_processors",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:intel:4th_gen_intel_xeon_scalable_processors_with_intel_vran:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "4th_gen_intel_xeon_scalable_processors_with_intel_vran",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:28:48.835937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T18:17:37.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-693",
"description": "Protection mechanism failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-04T16:05:52.199Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22655",
"datePublished": "2024-03-14T16:45:46.683Z",
"dateReserved": "2023-01-27T04:00:04.248Z",
"dateUpdated": "2025-02-13T16:44:02.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43490 (GCVE-0-2023-43490)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 17:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
- CWE-682 - Incorrect calculation
Summary
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Xeon(R) D Processors with Intel(R) SGX |
Version: See references |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43490",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:34:04.120787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:04.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:42.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Xeon(R) D Processors with Intel(R) SGX",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-682",
"description": "Incorrect calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-04T16:05:57.199Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0009/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-43490",
"datePublished": "2024-03-14T16:45:44.079Z",
"dateReserved": "2023-11-27T04:00:20.205Z",
"dateUpdated": "2025-02-13T17:13:15.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39368 (GCVE-0-2023-39368)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
- CWE-693 - Protection mechanism failure
Summary
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T15:31:40.103640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:55.053Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en"
},
{
"cweId": "CWE-693",
"description": "Protection mechanism failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-04T16:05:53.830Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0007/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-39368",
"datePublished": "2024-03-14T16:45:46.050Z",
"dateReserved": "2023-08-01T18:07:23.335Z",
"dateUpdated": "2025-02-13T17:03:02.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32282 (GCVE-0-2023-32282)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-04-10 20:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32282",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:32:50.656205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T20:31:56.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:24.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-367",
"description": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T16:45:47.270Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-32282",
"datePublished": "2024-03-14T16:45:47.270Z",
"dateReserved": "2023-05-11T03:00:02.597Z",
"dateUpdated": "2025-04-10T20:31:56.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38575 (GCVE-0-2023-38575)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- information disclosure
- CWE-1303 - Non-Transparent Sharing of Microarchitectural Resources
Summary
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: some Intel(R) Processors |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0008/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38575",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T19:25:29.180109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T19:25:40.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "some Intel(R) Processors"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1303",
"description": "Non-Transparent Sharing of Microarchitectural Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-04T16:05:58.808Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0008/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-38575",
"datePublished": "2024-03-14T16:45:45.360Z",
"dateReserved": "2023-08-02T03:00:04.673Z",
"dateUpdated": "2025-02-13T17:01:56.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28389 (GCVE-0-2023-28389)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2024-08-02 12:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-276 - Incorrect default permissions
Summary
Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME installer software |
Version: before version 2328.5.5.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:converged_security_and_manageability_engine:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "converged_security_and_manageability_engine",
"vendor": "intel",
"versions": [
{
"lessThan": "2328.5.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:27:01.638187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T21:07:47.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) CSME installer software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2328.5.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T16:45:48.448Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28389",
"datePublished": "2024-03-14T16:45:48.448Z",
"dateReserved": "2023-05-11T03:00:02.698Z",
"dateUpdated": "2024-08-02T12:38:24.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32666 (GCVE-0-2023-32666)
Vulnerability from cvelistv5
Published
2024-03-14 16:45
Modified
2025-02-13 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-1191 - On-chip debug and test interface with improper access control
Summary
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
Version: some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:intel:e3-1220l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1226_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1230l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1231_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1241_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1246_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1265l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1271_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1275l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1276_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1281_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1285l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1286_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e3-1286l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1428l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-1680_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2408l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2418l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2428l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2438l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2603_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2608l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2609_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2618l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2623_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2628l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2630l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2637_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2640_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2643_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2648l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2650l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2658a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2658_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2667_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2670_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2680_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2683_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2687w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2690_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2695_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2697_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2698_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-2699_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4610_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4620_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4627_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4640_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4648_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4650_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4655_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4660_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4667_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e5-4669_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4809_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4820_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4830_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-4850_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8860_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8867_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8870_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8880_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8880l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8890_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8891_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:e7-8893_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6142m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_3408u_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1524n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1563n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1564n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1573n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d1700_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1712tr_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1713nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1713nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1715ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1718t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1722ne_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1731nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1732te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1733nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1734nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1735tr_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1736nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1746ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1747nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1748te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-1749nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2745nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2757nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2777nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2798nx_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:windows:*:*",
"cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:windows:*:*",
"cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xeon_e-2124g_firmware",
"vendor": "intel",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T18:02:00.632301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T20:44:28.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-1191",
"description": "On-chip debug and test interface with improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T09:05:53.842Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-32666",
"datePublished": "2024-03-14T16:45:44.785Z",
"dateReserved": "2023-08-04T03:00:04.683Z",
"dateUpdated": "2025-02-13T16:54:56.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…