CVSS: 7.2EPSS: 0%CPEs: 336EXPL: 0CVE-2023-32666
https://notcve.org/view.php?id=CVE-2023-32666
14 Mar 2024 — On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. La interfaz de prueba y depuración en el chip con control de acceso inadecuado en algunos procesadores Intel(R) Xeon(R) de cuarta generación cuando se utiliza Intel(R) SGX o Intel(R) TDX puede permitir que un usuario privilegiado habilite potencialmente la escalada d... • https://security.netapp.com/advisory/ntap-20240405-0010 • CWE-1191: On-Chip Debug and Test Interface With Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 446EXPL: 1CVE-2023-23583 – Debian Security Advisory 5563-1
https://notcve.org/view.php?id=CVE-2023-23583
14 Nov 2023 — Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en Intel(R) Processors que pueden permitir que un usuario autenticado potencialmente habilite la escalada de privilegios y/o la divulgación de información y/o la denegación de servicio a ... • https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- • CWE-276: Incorrect Default Permissions CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •
CVSS: 4.4EPSS: 0%CPEs: 2024EXPL: 0CVE-2022-43505
https://notcve.org/view.php?id=CVE-2022-43505
11 Aug 2023 — Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. La gestión insuficiente del flujo de control en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-691: Insufficient Control Flow Management •
CVSS: 6.1EPSS: 0%CPEs: 474EXPL: 0CVE-2022-38083
https://notcve.org/view.php?id=CVE-2022-38083
11 Aug 2023 — Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Una inicialización incorrecta en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios permita potencialmente la divulgación de información mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-665: Improper Initialization •
CVSS: 7.2EPSS: 0%CPEs: 228EXPL: 0CVE-2022-37343
https://notcve.org/view.php?id=CVE-2022-37343
11 Aug 2023 — Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir a un usuario con privilegios habilitar potencialmente una escalada de privilegios mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 414EXPL: 0CVE-2023-23908 – Debian Security Advisory 5474-1
https://notcve.org/view.php?id=CVE-2023-23908
11 Aug 2023 — Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX ... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 383EXPL: 0CVE-2022-41804 – Debian Security Advisory 5474-1
https://notcve.org/view.php?id=CVE-2022-41804
11 Aug 2023 — Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. La inyección de errores no autorizada en Intel(R) SGX o Intel(R) TDX para algunos procesadores Intel(R) Xeon(R) puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitec... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html • CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy •
CVSS: 6.5EPSS: 0%CPEs: 1575EXPL: 2CVE-2022-40982 – hw: Intel: Gather Data Sampling (GDS) side channel vulnerability
https://notcve.org/view.php?id=CVE-2022-40982
11 Aug 2023 — Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. La exposición de información a través del estado microarquitectónico tras la ejecución transitoria en determinadas unidades de ejecución vectorial de algunos procesadores Intel(R) puede permitir a un usuario autenticado la divulgación potencial de información a través del a... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy CWE-1342: Information Exposure through Microarchitectural State after Transient Execution •
CVSS: 5.5EPSS: 0%CPEs: 934EXPL: 0CVE-2022-38087
https://notcve.org/view.php?id=CVE-2022-38087
10 May 2023 — Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://security.netapp.com/advisory/ntap-20231124-0006 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.2EPSS: 0%CPEs: 272EXPL: 0CVE-2022-33196 – kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations
https://notcve.org/view.php?id=CVE-2022-33196
16 Feb 2023 — Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel® Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access. Erik C. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html • CWE-276: Incorrect Default Permissions •