Vulnerabilities > Intel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-11615 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | 7.5 |
| 2020-10-29 | CVE-2020-11489 | Insecure Default Initialization of Resource vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure. | 7.5 |
| 2020-10-29 | CVE-2020-11487 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. | 7.5 |
| 2020-10-29 | CVE-2020-11485 | Cross-Site Request Forgery (CSRF) vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution. | 8.8 |
| 2020-10-05 | CVE-2020-12302 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Driver & Support Assistant Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-10-05 | CVE-2019-14557 | Classic Buffer Overflow vulnerability in Intel Bios Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access. | 8.0 |
| 2020-09-14 | CVE-2020-24457 | Unspecified vulnerability in Intel products Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. low complexity intel | 7.6 |
| 2020-08-13 | CVE-2020-8688 | Improper Input Validation vulnerability in Intel Raid web Console 3 4.186/7.009.011.000/7.010.009.000 Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. | 7.5 |
| 2020-08-13 | CVE-2020-8687 | Uncontrolled Search Path Element vulnerability in Intel Rste Software Raid Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-08-13 | CVE-2020-8681 | Out-of-bounds Write vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100 Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |