VARIoT IoT vulnerabilities database

Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Ethernet 700 Series Controllers is a 700 series Ethernet controller from Intel Corporation. Intel(R) Ethernet 700 Series Controllers versions prior to 7.3 have a security vulnerability. The vulnerability is due to insufficient access control

Protection mechanism failure in Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Ethernet 700 Series Controllers is a 700 series Ethernet controller from Intel Corporation. Intel(R) Ethernet 700 Series Controllers versions prior to 7.3 have a security vulnerability. The vulnerability is caused by a malfunction in the protection mechanism

A logic issue in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Ethernet 700 Series Controllers is a 700 series Ethernet controller from Intel Corporation

Improper buffer restrictions in the firmware of the Intel(R) Ethernet 700 Series Controllers may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Intel(R) Ethernet 700 Series Controller Is vulnerable to a buffer error.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access

Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access. This product mainly provides real-time power supply and heat dissipation data of equipment

Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure via physical access. Intel PAC with Arria 10 GX FPGA is a programmable accelerator card from Intel Corporation using Intel Arria 10 GX FPGA (Field Programmable Gate Array)

Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel Board ID Tool is a software used by Intel Corporation to interact with Intel motherboards

Insufficient control flow management in the Open WebRTC Toolkit before version 4.3.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Open WebRTC Toolkit Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Open WebRTC Toolkit is an open-source, cross-platform WebRTC client framework based on Gstreamer, an end-to-end audio/video communication development kit developed by Intel Corporation. This toolkit is used to create high-performance, reliable and scalable real-time communication applications. A security vulnerability exists in Intel Open WebRTC Toolkit versions prior to 4.3.1

Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Advisor tools The installer contains a vulnerability related to improper retention of permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Advisor tools is a programming-oriented vector optimization and prototyping software from Intel Corporation. The software can analyze the code and provide code operation efficiency through a variety of analysis methods

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) QAT for Linux Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel QuickAssist Technology for Linux is a technology of Intel Corporation that can improve server utilization. This technology balances server pressure by sharing the pressure of computing-intensive tasks to improve server efficiency

Improper access controls in Intel Unite(R) Cloud Service client before version 4.2.12212 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel Unite is an enterprise conference collaboration solution developed by Intel Corporation of the United States. An attacker could exploit this vulnerability to escalate privileges

Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) VTune(TM) Profiler There is a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel VTune Profiler is a performance testing tool used by Intel Corporation to optimize software. The software can perform performance tests on embedded applications of the Internet of Things, media software, Java applications, and high-performance computing applications. The previous version of Intel(R) VTune(TM) Profiler 2020 Update 1 has a security vulnerability. The vulnerability stems from a controlled search path. Attackers can use this vulnerability to upgrade privileges

Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access. Intel(R) EMA Exists in an inadequate protection of credentials.Information may be obtained. Intel Endpoint Management Assistant (Intel EMA) is a management software developed by Intel Corporation for managing remote devices. The software provides security and convenience for telecommuting

Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Intel(R) EMA Contains a path traversal vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. Intel Active Management Technology versions prior to 1.3.3 have an access control error vulnerability, which stems from the fact that network systems or products do not properly restrict resource access from unauthorized roles

Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access. Intel Data Center Manager SDK is a data center management SDK (Software Development Kit) of Intel Corporation. This product mainly provides real-time power supply and heat dissipation data of equipment

Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) XTU Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Extreme Tuning Utility is a software from Intel Corporation that can increase CPU frequency. In addition to supporting CPU and graphics card overclocking, the software also has the functions of system hardware information detection and real-time monitoring of the current system status to ensure system stability after overclocking

Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access. This product mainly provides real-time power supply and heat dissipation data of equipment

Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via network access. Intel Data Center Manager SDK is a data center management SDK (Software Development Kit) of Intel Corporation. This product mainly provides real-time power supply and heat dissipation data of equipment

Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 1.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Battery Life Diagnostic Tool Is vulnerable to incorrect default permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Intel Battery Life Diagnostic Tool is a battery life analysis software developed by Intel Corporation