Intel: Security Vulnerabilities
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-12
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-09-12
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-12
Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-09-12
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
CVSS Score
4.3
EPSS Score
0.001
Published
2018-08-21
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
CVSS Score
6.4
EPSS Score
0.012
Published
2018-08-14
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
CVSS Score
5.6
EPSS Score
0.03
Published
2018-08-14
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
CVSS Score
5.6
EPSS Score
0.043
Published
2018-08-14
Out-of-bounds read condition in older versions of some Intel Graphics Driver for Windows code branches allows local users to perform a denial of service attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-08-01
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-08-01