Vulnerabilities (CVE)

Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable information disclosure via local access.

Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access.

Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access.

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access.

Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access.

NULL pointer dereference in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable denial of service via local access.

Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper initialization in some Intel(R) Power Gadget software for Windwos all versions may allow an authenticated user to potentially enable denial of service via local access.

Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Incomplete cleanup in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable denial of service via local access.

Improper neutralization in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Use after free in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in some Intel(R) Processor Diagnostic Tool software before version 4.1.9.41 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.

Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. An attacker can le ... Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21845.

Show More

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can l ... Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21846.

Show More

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-insta ... An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability potentially could be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: OverClockSmiHandler SHA256: a204699576e1a48ce915d9d9423380c8e4c197003baf9d17e6504f0265f3039c Module GUID: 4698C2BD-A903-410E-AD1F-5EEF3A1AE422

Show More

An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-insta ... An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability potentially could be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: SmmSmbiosElog SHA256: 3a8acb4f9bddccb19ec3b22b22ad97963711550f76b27b606461cd5073a93b59 Module GUID: 8e61fd6b-7a8b-404f-b83f-aa90a47cabdf This issue affects: AMI Aptio 5.x. This issue affects: AMI Aptio 5.x.

Show More

A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: Sb ... A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: SbPei SHA256: d827182e5f9b7a9ff0b9d3e232f7cfac43b5237e2681e11f005be627a49283a9 Module GUID: c1fbd624-27ea-40d1-aa48-94c3dc5c7e0d

Show More

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213 ... A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213451425098faebd45948a4642db969b19d0253fc Module GUID: 89E549B0-7CFE-449D-9BA3-10D8B2312D71

Show More

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: PlatformInitAdvancedPreMem SHA256: 644044fdb8d ... A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: PlatformInitAdvancedPreMem SHA256: 644044fdb8daea30a7820e0f5f88dbf5cd460af72fbf70418e9d2e47efed8d9b Module GUID: EEEE611D-F78F-4FB9-B868-55907F169280 This issue affects: AMI Aptio 5.x.

Show More

Unquoted search path or element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable information disclosure and escalation of privilege via network access.