18 results (0.020 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1312EXPL: 0

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. Un valor de retorno no comprobado en el firmware de algunos procesadores Intel(R) puede permitir a un usuario con privilegios habilitar potencialmente una escalada de privilegios mediante acceso local. • https://security.netapp.com/advisory/ntap-20220210-0007 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html • CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 7.2EPSS: 0%CPEs: 1312EXPL: 0

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access. Una inicialización no segura de variables predeterminadas para la funcionalidad Intel BSSA DFT puede permitir a un usuario con privilegios habilitar potencialmente una escalada de privilegios por medio de acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00525.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html • CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 7.6EPSS: 0%CPEs: 345EXPL: 0

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication. El firmware del código de muestra de la plataforma en 4ª, 5ª, 6ª, 7ª y 8ª generación del procesador Intel Core contiene un error lógico que podría permitir a un atacante físico omitir la autenticación del firmware. • http://www.securityfocus.com/bid/105387 https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html https://support.lenovo.com/us/en/solutions/LEN-20527 • CWE-287: Improper Authentication •

CVSS: 5.6EPSS: 0%CPEs: 463EXPL: 0

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y traducciones de direcciones podría permitir la divulgación no autorizada de información que reside en la caché de datos L1 a un atacante con acceso de usuario local mediante un error de página del terminal y un análisis de canal lateral. Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. • http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.securityfocus.com/bid/105080 http://www.securitytracker.com/id/1041451 http://www.vmware.com/security/advisories/VMSA-2018-0021.html http://xenbits.xen.org/xsa/advisory-273.html https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2387 https://access.redhat.com/errata/RHSA-2018:2388 https: • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 6.4EPSS: 0%CPEs: 129EXPL: 0

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores que emplean ejecución especulativa y extensiones Intel software guard (Intel SGX) podría permitir la fuga no autorizada de información que reside en la caché de datos L1 desde un enclave a un atacante con acceso de usuario local mediante un análisis de canal lateral. • http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.securityfocus.com/bid/105080 http://www.securitytracker.com/id/1041451 https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf https://foreshadowattack.eu https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html https://psirt.global.sonicwall.com/vuln-detail/ • CWE-203: Observable Discrepancy •