Vulnerabilities > Intel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-20 | CVE-2022-26873 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |
| 2022-09-20 | CVE-2022-40246 | Out-of-bounds Write vulnerability in Intel products A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. | 7.2 |
| 2022-09-20 | CVE-2022-40250 | Out-of-bounds Write vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.8 |
| 2022-09-20 | CVE-2022-40261 | Classic Buffer Overflow vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.2 |
| 2022-09-20 | CVE-2022-40262 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |
| 2022-09-20 | CVE-2021-33076 | Improper Authentication vulnerability in Intel products Improper authentication in firmware for some Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
| 2022-09-20 | CVE-2021-33079 | Unspecified vulnerability in Intel products Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2022-09-20 | CVE-2021-33081 | Unspecified vulnerability in Intel products Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2022-08-18 | CVE-2022-27493 | Improper Initialization vulnerability in Intel Lapbc510 Firmware and Lapbc710 Firmware Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2022-08-18 | CVE-2022-28697 | Unspecified vulnerability in Intel products Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially enable escalation of privilege via physical access. low complexity intel | 6.8 |