CWE-1281
Sequence of Processor Instructions Leads to Unexpected Behavior
Description
Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-212
CVEs mapped to this weakness (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22840 | Hig | 0.48 | 7.4 | 0.00 | Aug 12, 2025 | Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access | ||
| CVE-2023-46103 | Med | 0.31 | 4.7 | 0.00 | May 16, 2024 | Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2024-37020 | Low | 0.25 | 3.8 | 0.00 | Feb 12, 2025 | Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2026-47233 | 0.00 | — | 0.00 | May 29, 2026 | ## Summary Commit `d37ca6b27b9674238e58491cf7ba292e66898f15` ("Delete item not check admin rights #2024", 2026-04-12) added a missing `isAdministratorInventory()` gate to `case 'item_delete':` in `modules/inventory.php`. The same fix was not applied to the sibling `case… |
- risk 0.48cvss 7.4epss 0.00
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- risk 0.31cvss 4.7epss 0.00
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.25cvss 3.8epss 0.00
Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2026-47233May 29, 2026risk 0.00cvss —epss 0.00
## Summary Commit `d37ca6b27b9674238e58491cf7ba292e66898f15` ("Delete item not check admin rights #2024", 2026-04-12) added a missing `isAdministratorInventory()` gate to `case 'item_delete':` in `modules/inventory.php`. The same fix was not applied to the sibling `case…