CVSS: 8.7EPSS: 0%CPEs: 112EXPL: 0CVE-2023-42772
https://notcve.org/view.php?id=CVE-2023-42772
16 Sep 2024 — Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 153EXPL: 0CVE-2024-21871
https://notcve.org/view.php?id=CVE-2024-21871
16 Sep 2024 — Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 336EXPL: 0CVE-2023-32666
https://notcve.org/view.php?id=CVE-2023-32666
14 Mar 2024 — On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. La interfaz de prueba y depuración en el chip con control de acceso inadecuado en algunos procesadores Intel(R) Xeon(R) de cuarta generación cuando se utiliza Intel(R) SGX o Intel(R) TDX puede permitir que un usuario privilegiado habilite potencialmente la escalada d... • https://security.netapp.com/advisory/ntap-20240405-0010 • CWE-1191: On-Chip Debug and Test Interface With Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 446EXPL: 1CVE-2023-23583 – Debian Security Advisory 5563-1
https://notcve.org/view.php?id=CVE-2023-23583
14 Nov 2023 — Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en Intel(R) Processors que pueden permitir que un usuario autenticado potencialmente habilite la escalada de privilegios y/o la divulgación de información y/o la denegación de servicio a ... • https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- • CWE-276: Incorrect Default Permissions CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •
CVSS: 4.4EPSS: 0%CPEs: 2024EXPL: 0CVE-2022-43505
https://notcve.org/view.php?id=CVE-2022-43505
11 Aug 2023 — Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. La gestión insuficiente del flujo de control en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-691: Insufficient Control Flow Management •
CVSS: 6.1EPSS: 0%CPEs: 474EXPL: 0CVE-2022-38083
https://notcve.org/view.php?id=CVE-2022-38083
11 Aug 2023 — Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Una inicialización incorrecta en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios permita potencialmente la divulgación de información mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-665: Improper Initialization •
CVSS: 7.2EPSS: 0%CPEs: 228EXPL: 0CVE-2022-37343
https://notcve.org/view.php?id=CVE-2022-37343
11 Aug 2023 — Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir a un usuario con privilegios habilitar potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 414EXPL: 0CVE-2023-23908 – Debian Security Advisory 5474-1
https://notcve.org/view.php?id=CVE-2023-23908
11 Aug 2023 — Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX ... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 383EXPL: 0CVE-2022-41804 – Debian Security Advisory 5474-1
https://notcve.org/view.php?id=CVE-2022-41804
11 Aug 2023 — Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. La inyección de errores no autorizada en Intel(R) SGX o Intel(R) TDX para algunos procesadores Intel(R) Xeon(R) puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitec... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html • CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy •
CVSS: 5.5EPSS: 0%CPEs: 934EXPL: 0CVE-2022-38087
https://notcve.org/view.php?id=CVE-2022-38087
10 May 2023 — Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://security.netapp.com/advisory/ntap-20231124-0006 • CWE-668: Exposure of Resource to Wrong Sphere •