Common Weakness Enumeration

CWE-1191

Allowed

On-Chip Debug and Test Interface With Improper Access Control

Abstraction: Base · Status: Stable

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

35 vulnerabilities reference this CWE, most recent first.

CVE-2024-48970 (GCVE-0-2024-48970)

Vulnerability from cvelistv5 – Published: 2024-11-14 21:31 – Updated: 2024-11-18 15:23
VLAI
Title
Life2000 Ventilator microcontroller lacks memory protection
Summary
The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1191 - On-Chip Debug and Test Interface with Improper Access Control
Assigner
Impacted products
Vendor Product Version
Baxter Life2000 Ventilation System Affected: 06.08.00.00 and prior
Create a notification for this product.
baxter life2000_ventilator_firmware Affected: 0 , ≤ 06.08.00.00 (custom)
    cpe:2.3:o:baxter:life2000_ventilator_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-14 21:28
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:baxter:life2000_ventilator_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "life2000_ventilator_firmware",
            "vendor": "baxter",
            "versions": [
              {
                "lessThanOrEqual": "06.08.00.00",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48970",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T15:22:31.746766Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-18T15:23:48.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Life2000 Ventilation System",
          "vendor": "Baxter",
          "versions": [
            {
              "status": "affected",
              "version": "06.08.00.00 and prior"
            }
          ]
        }
      ],
      "datePublic": "2024-11-14T21:28:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure."
            }
          ],
          "value": "The ventilator\u0027s microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclosure."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-117",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-117 Interception"
            }
          ]
        },
        {
          "capecId": "CAPEC-458",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-458 Flash Memory Attacks"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1191",
              "description": "CWE-1191 On-Chip Debug and Test Interface with Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T21:53:34.989Z",
        "orgId": "dba971b9-eb30-4121-91e1-3b45611354aa",
        "shortName": "Baxter"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-319-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Life2000 Ventilator microcontroller lacks memory protection",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dba971b9-eb30-4121-91e1-3b45611354aa",
    "assignerShortName": "Baxter",
    "cveId": "CVE-2024-48970",
    "datePublished": "2024-11-14T21:31:14.701Z",
    "dateReserved": "2024-10-10T19:24:41.494Z",
    "dateUpdated": "2024-11-18T15:23:48.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41692 (GCVE-0-2024-41692)

Vulnerability from cvelistv5 – Published: 2024-07-26 12:11 – Updated: 2024-08-02 04:46
VLAI
Title
Incorrect Access Control Vulnerability
Summary
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
Impacted products
Vendor Product Version
SyroTech SyroTech SY-GPON-1110-WDONT router Affected: 3.1.02-231102
Create a notification for this product.
syrotech sy-gpon-1110-wdont_firmware Affected: 3.1.02-231102
    cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*
Create a notification for this product.
Credits
These vulnerabilities are discovered by Shravan Singh, Rahul Giri, & Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sy-gpon-1110-wdont_firmware",
            "vendor": "syrotech",
            "versions": [
              {
                "status": "affected",
                "version": "3.1.02-231102"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41692",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T12:49:18.593985Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T16:22:01.339Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SyroTech SY-GPON-1110-WDONT router",
          "vendor": "SyroTech",
          "versions": [
            {
              "status": "affected",
              "version": "3.1.02-231102"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "These vulnerabilities are discovered by Shravan Singh, Rahul Giri, \u0026 Karan Patel from Redfox Cyber Security Inc, Toronto, Canada."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.\u003cbr\u003e"
            }
          ],
          "value": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-180",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "PHYSICAL",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1191",
              "description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-01T07:50:52.960Z",
        "orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
        "shortName": "CERT-In"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\"\u003ehttp://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517\n\n http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect Access Control Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
    "assignerShortName": "CERT-In",
    "cveId": "CVE-2024-41692",
    "datePublished": "2024-07-26T12:11:27.774Z",
    "dateReserved": "2024-07-19T11:24:20.421Z",
    "dateUpdated": "2024-08-02T04:46:52.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36319 (GCVE-0-2024-36319)

Vulnerability from cvelistv5 – Published: 2026-02-12 17:41 – Updated: 2026-02-26 14:44
VLAI
Summary
Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
AMD
Impacted products
Vendor Product Version
AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics; AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
Create a notification for this product.
AMD AMD Ryzen™ AI MAX Series Processors Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
Create a notification for this product.
AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
Create a notification for this product.
AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2
Create a notification for this product.
AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
Create a notification for this product.
AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
Create a notification for this product.
AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
Create a notification for this product.
AMD AMD Radeon™ RX 7000 Series Graphics Products Unaffected: 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1
Create a notification for this product.
AMD AMD Radeon™ PRO W7000 Series Graphics Products Unaffected: 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1
Create a notification for this product.
AMD AMD Instinct™ MI300X Unaffected: ROCm 6.2.4
Create a notification for this product.
AMD AMD Instinct™ MI300A Unaffected: ROCm 6.2.4
Create a notification for this product.
AMD AMD Instinct™ MI308X Unaffected: ROCm 6.2.4
Create a notification for this product.
AMD AMD Instinct™ MI325X Unaffected: ROCm 6.2.4
Create a notification for this product.
AMD AMD Radeon™ PRO V710 Unaffected: Contact your AMD Customer Engineering representative
Create a notification for this product.
Date Public
2026-02-12 17:40
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36319",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-13T04:56:40.296265Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:20.866Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics;\r\nAMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI MAX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 AI 300 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 25.5.1, AMD Software: PRO Edition 25.Q2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2(25.10.10), Radeon Software For Linux 25.10.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI308X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI325X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ROCm 6.2.4"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-02-12T17:40:51.607Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.\u003cbr\u003e"
            }
          ],
          "value": "Debug code left active in AMD\u0027s Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1191",
              "description": "CWE-1191  On-Chip Debug and Test Interface With Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:41:06.194Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36319",
    "datePublished": "2026-02-12T17:41:06.194Z",
    "dateReserved": "2024-05-23T19:44:40.300Z",
    "dateUpdated": "2026-02-26T14:44:20.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-4231 (GCVE-0-2024-4231)

Vulnerability from cvelistv5 – Published: 2024-05-10 13:29 – Updated: 2024-08-01 20:33
VLAI
Title
Incorrect Access Control Vulnerability in Digisol Router
Summary
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
Assigner
References
Impacted products
Vendor Product Version
Digisol Digisol Router DG-GR1321 Affected: v3.2.02
Create a notification for this product.
digisol dg-gr1321_firmware Affected: 3.2.02
    cpe:2.3:o:digisol:dg-gr1321_firmware:3.2.02:*:*:*:*:*:*:*
Create a notification for this product.
Credits
This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:digisol:dg-gr1321_firmware:3.2.02:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "dg-gr1321_firmware",
            "vendor": "digisol",
            "versions": [
              {
                "status": "affected",
                "version": "3.2.02"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "NONE",
              "baseScore": 4.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-4231",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-24T17:06:32.072169Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T17:14:26.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:33:52.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Digisol Router DG-GR1321",
          "vendor": "Digisol",
          "versions": [
            {
              "status": "affected",
              "version": "v3.2.02"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This vulnerability is discovered by Shravan Singh, Ganesh Bakare and Karan Patel from Redfox Cyber Security Inc, Toronto, Canada."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L;  Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\u003c/p\u003e\u003cp\u003eSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system.\u003c/p\u003e"
            }
          ],
          "value": "This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L;  Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An\u00a0attacker\u00a0with\u00a0physical\u00a0access\u00a0could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "PHYSICAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1191",
              "description": "CWE-1191: On-Chip Debug and Test Interface With Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-05T12:21:30.085Z",
        "orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
        "shortName": "CERT-In"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0158"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.digisol.com/firmware/\"\u003ehttps://www.digisol.com/firmware/\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "Upgrade Digisol Router firmware to version v3.1.02-240311.\n https://www.digisol.com/firmware/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect Access Control Vulnerability in Digisol Router",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
    "assignerShortName": "CERT-In",
    "cveId": "CVE-2024-4231",
    "datePublished": "2024-05-10T13:29:46.081Z",
    "dateReserved": "2024-04-26T09:44:57.958Z",
    "dateUpdated": "2024-08-01T20:33:52.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32666 (GCVE-0-2023-32666)

Vulnerability from cvelistv5 – Published: 2024-03-14 16:45 – Updated: 2025-02-13 16:54
VLAI
Summary
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • escalation of privilege
  • CWE-1191 - On-chip debug and test interface with improper access control
Assigner
Impacted products
Vendor Product Version
n/a 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX Affected: some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX
intel xeon_e-2124g_firmware Affected: 0 , < * (custom)
    cpe:2.3:o:intel:e3-1220l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1226_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1230l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1231_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1241_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1246_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1265l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1271_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1275l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1276_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1281_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1285l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1286_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e3-1286l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1428l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1620_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1630_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1650_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1660_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-1680_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2408l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2418l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2428l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2438l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2603_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2608l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2609_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2618l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2620_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2623_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2628l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2630_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2630l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2637_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2640_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2643_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2648l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2650_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2650l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2658a_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2658_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2660_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2667_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2670_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2680_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2683_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2687w_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2690_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2695_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2697_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2698_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-2699_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4610_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4620_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4627_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4640_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4648_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4650_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4655_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4660_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4667_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e5-4669_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-4809_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-4820_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-4830_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-4850_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8860_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8867_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8870_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8880_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8880l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8890_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8891_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:e7-8893_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6142m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_3408u_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1524n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1563n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1564n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1573n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d1700_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1712tr_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1713nte_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1713nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1715ter_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1718t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1722ne_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1731nte_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1732te_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1733nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1734nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1735tr_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1736nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1746ter_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1747nte_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1748te_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-1749nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2745nx_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2757nx_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2777nx_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2798nx_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:windows:*:*
    cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:windows:*:*
    cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:36.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:intel:e3-1220l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1226_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1230l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1231_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1241_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1246_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1265l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1271_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1275l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1276_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1281_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1285l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1286_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e3-1286l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1428l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1620_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1630_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1650_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1660_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-1680_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2408l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2418l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2428l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2438l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2603_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2608l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2609_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2618l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2620_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2623_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2628l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2630_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2630l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2637_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2640_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2643_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2648l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2650_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2650l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2658a_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2658_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2660_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2667_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2670_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2680_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2683_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2687w_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2690_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2695_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2697_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2698_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-2699_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4610_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4620_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4627_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4640_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4648_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4650_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4655_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4660_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4667_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e5-4669_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-4809_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-4820_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-4830_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-4850_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8860_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8867_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8870_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8880_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8880l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8890_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8891_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:e7-8893_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3104_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3106_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4108_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4109t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4110_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4112_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4114_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4114t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4116_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4116t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5115_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5118_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5119t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5120t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5122_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6126f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6126_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6126t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6128_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6130f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6130_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6130t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6132_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6134_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6134m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6136_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6138f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6138_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6138t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6140_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6140m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6142f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6142_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6142m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6144_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6146_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6148f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6148_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6150_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6152_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6154_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8153_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8156_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8158_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8160f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8160_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8160m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8160t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8164_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8168_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8170_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8170m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8176f_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8176_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8176m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8180_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8180m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_3206r_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_3408u_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1524n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1563n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1564n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1573n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1581_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1587_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1612_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1632_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d1700_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1702_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1712tr_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1713nte_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1713nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1714_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1715ter_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1718t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1722ne_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1726_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1731nte_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1732te_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1733nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1734nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1735tr_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1736_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1736nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1739_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1746ter_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1747nte_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1748te_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-1749nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2745nx_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2757nx_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2777nx_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2798nx_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:windows:*:*",
              "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:windows:*:*",
              "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "xeon_e-2124g_firmware",
            "vendor": "intel",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32666",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-15T18:02:00.632301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T20:44:28.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-1191",
              "description": "On-chip debug and test interface with improper access control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-05T09:05:53.842Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00986.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240405-0010/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-32666",
    "datePublished": "2024-03-14T16:45:44.785Z",
    "dateReserved": "2023-08-04T03:00:04.683Z",
    "dateUpdated": "2025-02-13T16:54:56.071Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-2VHM-8PV3-VJ8C

Vulnerability from github – Published: 2025-07-09 03:30 – Updated: 2025-07-09 03:30
VLAI
Details

A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7213"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-09T03:15:31Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-2vhm-8pv3-vj8c",
  "modified": "2025-07-09T03:30:24Z",
  "published": "2025-07-09T03:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7213"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.315162"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.315162"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.608025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-4RQQ-PPH2-52G5

Vulnerability from github – Published: 2025-12-25 18:30 – Updated: 2025-12-25 18:30
VLAI
Details

A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-15083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-25T18:15:40Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-4rqq-pph2-52g5",
  "modified": "2025-12-25T18:30:16Z",
  "published": "2025-12-25T18:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15083"
    },
    {
      "type": "WEB",
      "url": "https://hacklab.eu.org/blogs/zlt_m30s_debug_interface"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.338411"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.338411"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.707974"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6572-8R92-7FJF

Vulnerability from github – Published: 2024-07-26 15:31 – Updated: 2024-08-01 09:30
VLAI
Details

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41692"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-26T13:15:09Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.",
  "id": "GHSA-6572-8r92-7fjf",
  "modified": "2024-08-01T09:30:49Z",
  "published": "2024-07-26T15:31:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41692"
    },
    {
      "type": "WEB",
      "url": "https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
    },
    {
      "type": "WEB",
      "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6JW6-77Q7-32WQ

Vulnerability from github – Published: 2025-12-10 21:31 – Updated: 2025-12-11 21:31
VLAI
Details

The ESP32 system on a chip (SoC) that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device's firmware with malicious code which will be executed upon running. As a result, the victim will lose access to the functionality of their device and the attack may gain unauthorized access to the victim's Wi-Fi network by re-connecting to the SSID defined in the NVS partition of the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-65822"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-10T21:16:07Z",
    "severity": "MODERATE"
  },
  "details": "The ESP32 system on a chip (SoC) that powers the Meatmeet Pro was found to have JTAG enabled. By leaving JTAG enabled on an ESP32 in a commercial product an attacker with physical access to the device can connect over this port and reflash the device\u0027s firmware with malicious code which will be executed upon running. As a result, the victim will lose access to the functionality of their device and the attack may gain unauthorized access to the victim\u0027s Wi-Fi network by re-connecting to the SSID defined in the NVS partition of the device.",
  "id": "GHSA-6jw6-77q7-32wq",
  "modified": "2025-12-11T21:31:27Z",
  "published": "2025-12-10T21:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65822"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-jtag-enabled-md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Device/JTAG-Enabled.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7C3C-M7HV-59QQ

Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2025-09-05 18:31
VLAI
Details

On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-9709"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-05T18:15:50Z",
    "severity": "HIGH"
  },
  "details": "On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.",
  "id": "GHSA-7c3c-m7hv-59qq",
  "modified": "2025-09-05T18:31:28Z",
  "published": "2025-09-05T18:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27211"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9709"
    },
    {
      "type": "WEB",
      "url": "https://raelize.com/upload/research/2022/No_Hat_2022_-_Glitching_devices_for_code_execution_v1.1.pdf"
    },
    {
      "type": "WEB",
      "url": "https://raelize.com/upload/research/2025/Dartmouth_202505_False-Injections-Tales-of-Physics-Misconceptions-and-Weird-Machines_v1.1.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.toreon.com/cve-2025-9709-major-vulnerability-in-common-chip"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Separation of Privilege

If feasible, the manufacturer should disable the JTAG interface or implement authentication and authorization for the JTAG interface. If authentication logic is added, it should be resistant to timing attacks. Security-sensitive data stored in registers, such as keys, etc. should be cleared when entering debug mode.

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs

In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.

CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels

An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.