cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-25571,https://securityvulnerability.io/vulnerability/CVE-2024-25571,Improper Input Validation in Intel SPS Firmware,"An improper input validation vulnerability exists in some versions of Intel's SPS firmware, potentially enabling a privileged local user to cause a denial of service. Failure to validate input correctly could lead to the exploitation of this flaw, impacting the stability and availability of affected systems. Organizations using affected firmware versions should implement necessary security measures to mitigate the risk associated with local access exploitation.",Intel,Intel(r) Sps Firmware Before Sps E5 06.01.04.059.0,4.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T21:19:37.820Z,0
CVE-2023-35191,https://securityvulnerability.io/vulnerability/CVE-2023-35191,Potential Denial of Service Vulnerability in Intel SPS Firmware,"A vulnerability exists in certain versions of Intel SPS Firmware that can be exploited by a privileged user through network access. This exploitation could lead to uncontrolled resource consumption, negatively impacting system performance and availability. Organizations utilizing affected Intel SPS Firmware should be aware of the potential for denial of service attacks and take necessary precautions to mitigate risks associated with this vulnerability.",Intel,Intel(r) Sps Firmware Versions,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-14T16:45:47.845Z,0
CVE-2023-29153,https://securityvulnerability.io/vulnerability/CVE-2023-29153,Potential Denial of Service Vulnerability in Intel SPS Firmware,"The vulnerability involves uncontrolled resource consumption present in certain Intel SPS firmware versions, specifically prior to SPS_E5_06.01.04.002.0. This issue allows a privileged user to exploit the vulnerability, potentially leading to a denial of service via network access. Organizations utilizing affected versions of Intel's SPS firmware may face disruption in services, highlighting the importance of immediate updates and patching measures to secure their systems against unauthorized access and resource exhaustion.",Intel,Intel(r) Sps Firmware,4.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-14T13:38:17.590Z,0
CVE-2022-36794,https://securityvulnerability.io/vulnerability/CVE-2022-36794,Improper Condition Check in Intel SPS Firmware,"A security flaw exists in certain versions of Intel SPS firmware, allowing a privileged user local access that could lead to a denial of service condition. This improper condition check in the firmware may enable unauthorized actions if exploited, emphasizing the necessity of updating to safeguard against potential threats. For detailed insights, refer to Intel's security advisory.",Intel,Intel(r) Sps Firmware,6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T20:00:01.515Z,0
CVE-2022-36348,https://securityvulnerability.io/vulnerability/CVE-2022-36348,Privilege Escalation Vulnerability in Intel SPS Firmware,Certain versions of Intel SPS firmware contain active debug code that could allow an authenticated user to elevate privileges through local access. This vulnerability underscores the need for timely updates to firmware in order to mitigate potential risks associated with unauthorized privilege escalation.,Intel,Intel (r) Sps Firmware,8.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T19:59:59.676Z,0
CVE-2022-29515,https://securityvulnerability.io/vulnerability/CVE-2022-29515,Memory Management Flaw in Intel SPS Firmware,"A vulnerability exists in the Intel SPS firmware where memory is not properly released after its effective lifetime. This flaw permits a privileged local user to potentially trigger a denial of service condition. The issue is applicable to firmware versions prior to SPS_E3_06.00.03.035.0, leading to concerns over system stability and availability due to improper memory handling. Remediation efforts should focus on updating to the latest firmware version to mitigate the risks associated with this vulnerability.",Intel,Intel(r) Sps,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-11-11T15:48:37.745Z,0
CVE-2022-29466,https://securityvulnerability.io/vulnerability/CVE-2022-29466,Improper Input Validation in Intel SPS Firmware,The firmware for Intel's Server Platform Services (SPS) prior to version SPS_E3_04.01.04.700.0 is susceptible to improper input validation. This vulnerability may allow an authenticated user to exploit the system to cause a denial of service via local access. Mitigation strategies should be employed to safeguard against potential disruptions.,Intel,Intel(r) Sps,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-11-11T15:48:37.244Z,0
CVE-2022-26074,https://securityvulnerability.io/vulnerability/CVE-2022-26074,Denial of Service Vulnerability in Intel SPS Firmware,"A vulnerability exists in the firmware subsystem of Intel® SPS, where incomplete cleanup processes could allow a privileged user to potentially induce a denial of service condition. This risk is particularly pertinent for users with local access to the system, highlighting the importance of keeping firmware updated to mitigate possible exploitation.",Intel,Intel(r) Sps,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-08-18T19:56:02.000Z,0
CVE-2021-0060,https://securityvulnerability.io/vulnerability/CVE-2021-0060,Insufficient Compartmentalization in Intel SPS Subsystem,"The HECI subsystem for Intel Server Platform Services has a vulnerability stemming from insufficient compartmentalization. This flaw may enable an authenticated user with physical access to the hardware to potentially escalate their privileges. Certain versions of the SPS are affected, and users are encouraged to review the official advisories for mitigation strategies.",Intel,Intel(r) Sps,6.6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-02-09T22:04:02.000Z,0
CVE-2021-0051,https://securityvulnerability.io/vulnerability/CVE-2021-0051,Improper Input Validation in Intel SPS Products,"A vulnerability exists in certain Intel SPS versions due to improper input validation. This flaw may allow a privileged user local access to enable a denial of service, potentially disrupting operations.",Intel,Intel(r) Sps Versions,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-09T19:02:01.000Z,0
CVE-2020-24509,https://securityvulnerability.io/vulnerability/CVE-2020-24509,Insufficient Control Flow Management in Intel SPS Products,"Insufficient control flow management in the Intel Scalable Processor System allows a privileged user to potentially escalate their privileges through local access. This vulnerability affects various versions of the SPS product line, making it crucial for administrators to ensure that their systems are updated and secured against potential exploitation. For further details, consult Intel's advisory and related security documentation.",Intel,Intel(r) Sps Versions,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-09T18:47:35.000Z,0
CVE-2020-8755,https://securityvulnerability.io/vulnerability/CVE-2020-8755,Race Condition Vulnerability in Intel CSME and SPS Products,"A race condition exists in the Intel CSME and SPS subsystems that may allow an unauthenticated user with physical access to escalate their privileges. Affected versions of these products could potentially be exploited, resulting in significant security risks. Organizations should review the Intel security advisories for mitigation strategies and updates to prevent exploitation.",Intel,"Intel(r) Csme, Intel(r) Sps",6.4,MEDIUM,0.0012100000167265534,false,,false,false,false,,,false,false,,2020-11-12T18:09:17.000Z,0
CVE-2020-8705,https://securityvulnerability.io/vulnerability/CVE-2020-8705,Insecure Initialization in Intel Boot Guard and Management Engine,"This vulnerability involves insecure default initialization in Intel's Boot Guard and various CSME versions. It may allow an unauthenticated individual with physical access to potentially escalate privileges, posing a significant security risk. Versions prior to specified releases are at risk, underlining the importance of timely software updates to mitigate potential threats.",Intel,"Intel(r) Boot Guard, Intel(r) Csme, Intel(r) Txe, Intel(r) Sps",6.8,MEDIUM,0.0020000000949949026,false,,false,false,false,,,false,false,,2020-11-12T18:06:24.000Z,0
CVE-2020-8744,https://securityvulnerability.io/vulnerability/CVE-2020-8744,Improper Initialization in Intel CSME and TXE Products,"An improper initialization vulnerability exists in the Intel Common Smart Management Engine (CSME) and Intel Trusted Execution Engine (TXE) versions. This flaw may allow a privileged local user to potentially escalate their privileges, leading to unauthorized actions within the affected systems. It is crucial for users and administrators to understand the implications of this vulnerability and apply the necessary updates to mitigate risks. Reference links provide further details for remediation strategies.",Intel,"Intel(r) Csme Versions, Intel(r) Txe, Intel(r) Sps",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-11-12T18:06:17.000Z,0
CVE-2020-0545,https://securityvulnerability.io/vulnerability/CVE-2020-0545,"Integer Overflow Vulnerability in Intel CSME, TXE, and Server Platform Services","An integer overflow vulnerability exists in the subsystem of Intel's CSME, TXE, and Server Platform Services. This flaw may be exploited by a privileged user with local access to potentially enable a denial of service condition, affecting the stability and performance of systems reliant on these products. Proper patching is crucial to mitigate the risk posed by this vulnerability.",Intel,"Intel(r) Csme, Intel(r) Txe, And Intel(r) Sps",4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-06-15T14:00:40.000Z,0
CVE-2020-0586,https://securityvulnerability.io/vulnerability/CVE-2020-0586,Improper Initialization in Intel SPS Products,"Improper initialization in the subsystem for certain versions of Intel SPS may permit an authenticated user to exploit this weakness, potentially leading to escalation of privileges or denial of service through local access. This vulnerability underscores the importance of updating to the latest software versions to mitigate potential security risks.",Intel,Intel(r) Sps,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-06-15T13:56:39.000Z,0
CVE-2019-11109,https://securityvulnerability.io/vulnerability/CVE-2019-11109,Logic Issue in Intel SPS Subsystem,"A logic issue in the Intel SPS subsystem prior to specific versions can potentially allow a privileged user to execute actions that may lead to a denial of service. This vulnerability is particularly concerning as it can be exploited through local access, affecting the integrity and availability of the system. Users are advised to update to the latest versions to mitigate this risk.",Intel,Intel(r) Sps,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-12-18T21:09:56.000Z,0
CVE-2019-0089,https://securityvulnerability.io/vulnerability/CVE-2019-0089,Improper Data Sanitization in Intel SPS Products,"An improper data sanitization vulnerability exists in a subsystem of Intel SPS products, which may allow an attacker with local access and sufficient privileges to escalate their privileges and potentially execute unauthorized commands. This issue could expose systems to further security risks, as users with elevated privileges may gain modifications to sensitive configurations and data.",Intel,Intel(r) Server Platform Services (sps),6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0099,https://securityvulnerability.io/vulnerability/CVE-2019-0099,Insufficient Access Control in Intel SPS Products,"An insufficient access control issue exists within the Intel(R) Server Platform Services (SPS) that may allow an unauthenticated user with physical access to the device to potentially escalate their privileges. This could lead to unauthorized actions that the user normally would not have permissions to execute, compromising the integrity of the system. It is crucial for users and administrators to apply the necessary updates to ensure system security and mitigate this risk.",Intel,"Intel(r) Server Platform Services (sps), Intel (r) Trusted Execution Engine Interface (txe)",6.8,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0093,https://securityvulnerability.io/vulnerability/CVE-2019-0093,Insufficient Data Sanitization Vulnerability in Intel CSME and SPS Systems,"A significant vulnerability in the Intel HECI subsystem affects the CSME and SPS products, due to insufficient data sanitization. This flaw allows a privileged user to potentially disclose sensitive information through local access. Users operating under these affected versions are urged to evaluate their systems and apply necessary updates to safeguard against potential exploits.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0090,https://securityvulnerability.io/vulnerability/CVE-2019-0090,Insufficient Access Control in Intel(R) CSME and Server Platform Services,"An insufficient access control vulnerability exists in the Intel(R) CSME, TXE, and Server Platform Services prior to specific versions. This flaw could allow an unauthenticated user with physical access to exploit the vulnerability and potentially escalate privileges, posing significant security risks to affected systems.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",7.1,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0