# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.

1 CVE-2019-11184 362 2019-09-16 2019-09-18 2.9 None Local Network Medium Not required Partial None None

A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.

2 CVE-2019-11166 269 2019-09-16 2019-09-17 4.6 None Local Low Not required Partial Partial Partial

Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.

3 CVE-2019-11163 284 DoS 2019-08-19 2019-08-29 4.6 None Local Low Not required Partial Partial Partial

Insufficient access control in a hardware abstraction driver for Intel(R) Processor Identification Utility for Windows before version 6.1.0731 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

4 CVE-2019-11148 275 2019-08-19 2019-08-27 4.6 None Local Low Not required Partial Partial Partial

Improper permissions in the installer for Intel(R) Remote Displays SDK before version 2.0.1 R2 may allow an authenticated user to potentially enable escalation of privilege via local access.

5 CVE-2019-11143 275 2019-08-19 2019-08-27 4.6 None Local Low Not required Partial Partial Partial

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access.

6 CVE-2019-11140 20 DoS 2019-08-19 2019-08-27 4.6 None Local Low Not required Partial Partial Partial

Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

7 CVE-2019-11129 125 DoS 2019-06-13 2019-06-20 4.6 None Local Low Not required Partial Partial Partial

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

8 CVE-2019-11128 20 DoS 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

9 CVE-2019-11127 119 DoS Overflow 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

10 CVE-2019-11126 119 DoS Overflow 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

11 CVE-2019-11125 20 DoS 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

12 CVE-2019-11124 125 DoS 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

13 CVE-2019-11123 20 DoS 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.

14 CVE-2019-11119 20 2019-06-13 2019-06-24 7.5 None Remote Low Not required Partial Partial Partial

Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may allow an unauthenticated user to potentially enable escalation of privilege via network access.

15 CVE-2019-11114 20 DoS 2019-05-17 2019-05-21 2.1 None Local Low Not required None None Partial

Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.

16 CVE-2019-11095 284 2019-05-17 2019-05-21 2.1 None Local Low Not required Partial None None

Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.

17 CVE-2019-11094 20 DoS 2019-05-17 2019-05-21 4.6 None Local Low Not required Partial Partial Partial

Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.

18 CVE-2019-11093 264 2019-05-17 2019-05-21 4.6 None Local Low Not required Partial Partial Partial

Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

19 CVE-2019-11092 254 2019-06-13 2019-06-14 3.6 None Local Low Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

20 CVE-2019-11091 200 Exec Code +Info 2019-05-30 2019-06-11 4.7 None Local Medium Not required Complete None None

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

21 CVE-2019-0183 200 +Info 2019-06-13 2019-06-24 2.1 None Local Low Not required Partial None None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

22 CVE-2019-0182 22 Dir. Trav. 2019-06-13 2019-06-24 2.1 None Local Low Not required Partial None None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

23 CVE-2019-0181 20 2019-06-13 2019-06-24 4.6 None Local Low Not required Partial Partial Partial

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

24 CVE-2019-0180 254 2019-06-13 2019-06-24 3.6 None Local Low Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

25 CVE-2019-0179 254 2019-06-13 2019-06-24 3.6 None Local Low Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

26 CVE-2019-0178 362 2019-06-13 2019-06-24 3.3 None Local Medium Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

27 CVE-2019-0177 20 2019-06-13 2019-06-24 3.6 None Local Low Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

28 CVE-2019-0175 264 2019-06-13 2019-06-24 3.6 None Local Low Not required Partial Partial None

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

29 CVE-2019-0174 200 +Info 2019-06-13 2019-06-19 2.1 None Local Low Not required Partial None None

Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.

30 CVE-2019-0173 287 Bypass 2019-08-19 2019-08-27 5.8 None Remote Medium Not required Partial Partial None

Authentication bypass in the web console for Intel(R) Raid Web Console 2 all versions may allow an unauthenticated attacker to potentially enable disclosure of information via network access.

31 CVE-2019-0172 264 2019-05-17 2019-05-20 7.5 None Remote Low Not required Partial Partial Partial

A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access.

32 CVE-2019-0170 119 Overflow 2019-05-17 2019-06-20 4.6 None Local Low Not required Partial Partial Partial

Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.

33 CVE-2019-0164 264 2019-06-13 2019-06-17 4.4 None Local Medium Not required Partial Partial Partial

Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

34 CVE-2019-0162 200 +Info 2019-04-17 2019-05-07 2.1 None Local Low Not required Partial None None

Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access.

35 CVE-2019-0158 264 2019-04-17 2019-04-18 4.6 None Local Low Not required Partial Partial Partial

Insufficient path checking in the installation package for Intel(R) Graphics Performance Analyzer for Linux version 18.4 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

36 CVE-2019-0153 119 Overflow 2019-05-17 2019-05-28 7.5 None Remote Low Not required Partial Partial Partial

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

37 CVE-2019-0138 264 2019-05-17 2019-05-20 4.6 None Local Low Not required Partial Partial Partial

Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

38 CVE-2019-0135 264 2019-03-14 2019-06-13 4.6 None Local Low Not required Partial Partial Partial

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access. L-SA-00206

39 CVE-2019-0132 20 DoS 2019-05-17 2019-05-21 5.0 None Remote Low Not required None None Partial

Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access.

40 CVE-2019-0127 200 +Info 2019-02-18 2019-04-01 2.1 None Local Low Not required Partial None None

Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.

41 CVE-2019-0126 264 DoS 2019-05-17 2019-06-06 7.2 None Local Low Not required Complete Complete Complete

Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

42 CVE-2019-0121 264 2019-03-14 2019-04-18 4.6 None Local Low Not required Partial Partial Partial

Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access.

43 CVE-2019-0120 284 DoS 2019-05-17 2019-06-06 2.1 None Local Low Not required None None Partial

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access.

44 CVE-2019-0119 119 DoS Overflow 2019-05-17 2019-06-06 7.2 None Local Low Not required Complete Complete Complete

Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

45 CVE-2019-0116 125 DoS 2019-05-17 2019-05-21 2.1 None Local Low Not required None None Partial

An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access.

46 CVE-2019-0115 20 DoS 2019-05-17 2019-05-21 2.1 None Local Low Not required None None Partial

Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.

47 CVE-2019-0114 362 DoS 2019-05-17 2019-05-21 1.9 None Local Medium Not required None None Partial

A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access.

48 CVE-2019-0113 119 DoS Overflow 2019-05-17 2019-05-21 2.1 None Local Low Not required None None Partial

Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access.

49 CVE-2019-0098 264 2019-05-17 2019-06-19 7.2 None Local Low Not required Complete Complete Complete

Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

50 CVE-2019-0096 787 2019-05-17 2019-06-20 5.2 None Local Network Low Single system Partial Partial Partial