Intel: Security Vulnerabilities
Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).
CVSS Score
7.8
EPSS Score
0.0
Published
2018-05-10
DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-05-10
Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows remote attacker to potentially execute arbitrary code via an adjacent network.
CVSS Score
8.3
EPSS Score
0.005
Published
2018-04-05
Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.
CVSS Score
6.0
EPSS Score
0.001
Published
2018-04-03
Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-04-03
Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-04-03
Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-04-03
AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-04-03
Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.
CVSS Score
5.6
EPSS Score
0.001
Published
2018-03-27
The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-03-26