CVE-2020-12318
Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: CVE-2020-12318
[월:] 2020년 11월
CVE-2020-12322
CVE-2020-12322
Improper input validation in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Source: CVE-2020-12322
CVE-2020-12354
CVE-2020-12354
Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: CVE-2020-12354
CVE-2020-12321
CVE-2020-12321
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Source: CVE-2020-12321
CVE-2020-13771
CVE-2020-13771
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITYSYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
Source: CVE-2020-13771
CVE-2020-13770
CVE-2020-13770
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITYSYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITYNETWORK SERVICE’).
Source: CVE-2020-13770
CVE-2020-0593
CVE-2020-0593
Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Source: CVE-2020-0593
CVE-2020-12310
CVE-2020-12310
Insufficient control flow managementin firmware in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.
Source: CVE-2020-12310
CVE-2020-12308
CVE-2020-12308
Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access.
Source: CVE-2020-12308
CVE-2020-0591
CVE-2020-0591
Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Source: CVE-2020-0591