CIP software
by Intel
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36482 | Hig | 0.53 | 8.2 | 0.00 | Nov 13, 2024 | Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-40207 | Hig | 0.53 | 8.2 | 0.00 | May 10, 2023 | Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-29514 | Hig | 0.50 | 7.7 | 0.01 | Feb 16, 2023 | Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||
| CVE-2022-33964 | Hig | 0.48 | 7.4 | 0.01 | Feb 16, 2023 | Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||
| CVE-2023-39941 | Hig | 0.46 | 7.1 | 0.00 | Feb 14, 2024 | Improper access control in some Intel(R) SUR software before version 2.4.10587 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||
| CVE-2022-33190 | Hig | 0.46 | 7.1 | 0.00 | Feb 16, 2023 | Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2024-36276 | Med | 0.44 | 6.7 | 0.00 | Nov 13, 2024 | Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2023-38135 | Med | 0.44 | 6.7 | 0.00 | Feb 14, 2024 | Improper authorization in some Intel(R) PM software may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2023-35769 | Med | 0.44 | 6.7 | 0.00 | Feb 14, 2024 | Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-34854 | Med | 0.44 | 6.7 | 0.00 | Feb 16, 2023 | Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-30692 | Med | 0.38 | 5.9 | 0.01 | Feb 16, 2023 | Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access. | ||
| CVE-2023-43489 | Med | 0.36 | 5.5 | 0.00 | Aug 14, 2024 | Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2022-33946 | Med | 0.36 | 5.6 | 0.00 | Feb 16, 2023 | Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-31476 | Med | 0.36 | 5.5 | 0.00 | Feb 16, 2023 | Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2025-24516 | Med | 0.29 | 4.5 | 0.00 | Nov 11, 2025 | Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure.… | ||
| CVE-2023-41082 | Med | 0.29 | 4.4 | 0.00 | May 16, 2024 | Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2023-39433 | Med | 0.29 | 4.4 | 0.00 | May 16, 2024 | Improper access control for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-27234 | Med | 0.28 | 4.3 | 0.00 | Feb 16, 2023 | Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access. | ||
| CVE-2022-32971 | Low | 0.20 | 3.1 | 0.00 | Feb 16, 2023 | Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access. | ||
| CVE-2023-43745 | Low | 0.18 | 2.8 | 0.00 | May 16, 2024 | Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access. |
- risk 0.53cvss 8.2epss 0.00
Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.
- risk 0.53cvss 8.2epss 0.00
Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.50cvss 7.7epss 0.01
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- risk 0.48cvss 7.4epss 0.01
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- risk 0.46cvss 7.1epss 0.00
Improper access control in some Intel(R) SUR software before version 2.4.10587 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- risk 0.46cvss 7.1epss 0.00
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.44cvss 6.7epss 0.00
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.44cvss 6.7epss 0.00
Improper authorization in some Intel(R) PM software may allow a privileged user to potentially enable escalation of privilege via local access.
- risk 0.44cvss 6.7epss 0.00
Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.44cvss 6.7epss 0.00
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.38cvss 5.9epss 0.01
Improper conditions check in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable denial of service via network access.
- risk 0.36cvss 5.5epss 0.00
Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.36cvss 5.6epss 0.00
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.36cvss 5.5epss 0.00
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.29cvss 4.5epss 0.00
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure.…
- risk 0.29cvss 4.4epss 0.00
Null pointer dereference for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.29cvss 4.4epss 0.00
Improper access control for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.28cvss 4.3epss 0.00
Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
- risk 0.20cvss 3.1epss 0.00
Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.
- risk 0.18cvss 2.8epss 0.00
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access.
Page 1 of 2