Vulnerabilities > Intel

DATE CVE VULNERABILITY TITLE RISK
2022-11-15 CVE-2022-29277 Out-of-bounds Write vulnerability in multiple products
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses.
local
low complexity
amd intel CWE-787
8.8
2022-11-11 CVE-2021-26251 Improper Input Validation vulnerability in Intel Openvino 2018
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.
network
low complexity
intel CWE-20
6.5
2022-11-11 CVE-2021-33064 Uncontrolled Search Path Element vulnerability in Intel System Studio
Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2022-11-11 CVE-2021-33159 Improper Authentication vulnerability in Intel Active Management Technology
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-287
6.7
2022-11-11 CVE-2021-33164 Unspecified vulnerability in Intel products
Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel
6.7
2022-11-11 CVE-2022-21198 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Intel products
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
high complexity
intel CWE-367
6.4
2022-11-11 CVE-2022-21794 Improper Authentication vulnerability in Intel products
Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-287
6.7
2022-11-11 CVE-2022-25917 Unspecified vulnerability in Intel products
Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access.
local
low complexity
intel
4.4
2022-11-11 CVE-2022-26006 Improper Input Validation vulnerability in Intel products
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-20
6.7
2022-11-11 CVE-2022-26024 Unspecified vulnerability in Intel products
Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel
7.8