Vulnerabilities > Intel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-37345 | Improper Authentication vulnerability in Intel products Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-11-11 | CVE-2022-38099 | Improper Input Validation vulnerability in Intel products Improper input validation in BIOS firmware for some Intel(R) NUC 11 Compute Elements before version EBTGL357.0065 may allow a privileged user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-11-10 | CVE-2021-0185 | Improper Input Validation vulnerability in Intel M10Jnp2Sb Firmware 7.209/7.210 Improper input validation in the firmware for some Intel(R) Server Board M10JNP Family before version 7.216 may allow a privileged user to potentially enable an escalation of privilege via local access. | 6.7 |
| 2022-09-20 | CVE-2022-26873 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |
| 2022-09-20 | CVE-2022-40246 | Out-of-bounds Write vulnerability in Intel products A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. | 7.2 |
| 2022-09-20 | CVE-2022-40250 | Out-of-bounds Write vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.8 |
| 2022-09-20 | CVE-2022-40261 | Classic Buffer Overflow vulnerability in multiple products An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. | 8.2 |
| 2022-09-20 | CVE-2022-40262 | Out-of-bounds Write vulnerability in multiple products A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. | 8.2 |
| 2022-09-20 | CVE-2021-33076 | Improper Authentication vulnerability in Intel products Improper authentication in firmware for some Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
| 2022-09-20 | CVE-2021-33079 | Unspecified vulnerability in Intel products Protection mechanism failure in firmware for some Intel(R) SSD DC Products may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |