The latest security information on Intel® products.

Intel® Product Security Center Advisories

Intel is focused on ensuring the security of our customers computing environments. We are committed to rapidly addressing issues as they arise, and providing recommendations through security advisories and security notices.

Security advisories are fixes or workarounds for vulnerabilities identified with Intel products.

Advisories Updated Release Date
Insecure Handling of BIOS and AMT Passwords July 10, 2018
July 10, 2018
EDK II Untested memory not covered by SMM page protection July 10, 2018 July 10, 2018
Platform firmware included insecure handling of certain UEFI variables July 10, 2018 July 10, 2018
Intel® Quartus® Prime Pro July 10, 2018
July 10, 2018
Firmware Authentication Bypass July 10, 2018 July 10, 2018
Intel® Quartus Family of Tools Privilege Escalation Vulnerability July 10, 2018 July 10, 2018
Insufficient Input Validation in Intel® VTune Amplifier, Intel® Advisor and Intel® Inspector products before version 2018 Update 3 potentially allows an unprivileged user to trigger a Denial of Service via local vector July 10, 2018 July 10, 2018
BMC Firmware Vulnerability Intel Server Boards, Compute Modules and Systems July 10, 2018 July 10, 2018
Insufficient Input Validation in Bleach module in Intel® Distribution for Python (IDP) version IDP 2018 Update 2 potentially allows an unprivileged user to bypass URI sanitization and cause a Denial of Service via local vector July 10, 2018 Juy 10, 2018
Intel® Converged Security Management Engine (Intel® CSME) 11.x issue July 10, 2018 July 10, 2018
Intel® Optane™ memory module update July 10, 2018 July 10, 2018
Intel Q1’18 Intel® Active Management Technology 9.x/10.x/11.x Security Review Cumulative Update July 10, 2018 July 10, 2018
DCI Policy Update July 9, 2018 July 9, 2018
Intel® Processor Diagnostic Tool Privilege Escalation Vulnerability June 27, 2018 June 27, 2018
Intel® Saffron MemoryBase Upate June 26, 2018 June 26, 2018
Lazy FP State Restore June 13, 2018 June 13, 2018
Q2 2018 Speculative Execution Side Channel Update June 25, 2018 May 21, 2018
Buffer Overflow in System Configuration Utilities May 15, 2018 May 15, 2018
Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. May 14, 2018 May 14, 2018
Parameter corruption in NDIS filter driver in Intel® Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access May 14, 2018 May 14, 2018
Intel® Integrated Performance Primitives Cryptography Library Update June 4, 2018 May 10, 2018
Intel® SGX SDK and Intel® SGX Platform Software Updates May 10, 2018 May 10, 2018
Elevation of Privilege vulnerability when installing Intel Wireless Drivers and related Software May 9, 2018 May 2, 2018
Intel® NUC BIOS SW SMI Call-Out Apr 17, 2018 Apr 17, 2018
Intel® 2G Firmware Update for Modems using ETWS Apr 11, 2018 Apr 4, 2018
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method Apr 4, 2018 Jan 3, 2018
Intel® Remote Keyboard Unauthenticated Keystroke Injection Apr 3, 2018 Apr 3, 2018
Unsafe Opcodes exposed in Intel SPI based products Apr 3, 2018 Apr 3, 2018
Intel® SGX SDK Edger8r and Intel® Software Guard Extensions Platform Software Component Mar 19, 2018 Mar 20, 2018
Intel Q3’17 ME 6.x/7.x/8.x/9.x/10.x/11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update Feb 7, 2018 Nov 20, 2017
Type Confusion in Content Protection HECI Service in Intel® Graphics Driver allows unprivileged user to elevate privileges via local access Feb 7, 2018 Dec 12, 2017
Pointer dereference in subsystem in Intel(R) Graphics Driver allows unprivileged user to elevate privileges via local access Jan 31, 2018 Jan 31, 2018
Untrusted search path in Intel Graphics Driver allows unprivileged user to elevate privileges via local access Jan 16, 2018 Jan 16, 2018
Intel® NUC Kit with Infineon Trusted Platform Module Jan 16, 2018 Jan 16, 2018
Intel Driver and Support Assistant Information Disclosure Jan 9, 2018 Jan 9, 2018
One or more Intel Products affected by the Wi-Fi Protected Access II (WPA2) protocol vulnerability Dec 7, 2017 Oct 16, 2017
Frame replay vulnerability in Wi-Fi subsystem in Intel® Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle Dec 7, 2017 Nov 20, 2017
Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege Dec 1, 2017 May 1, 2017
Intel® Deep Learning Training Tool Beta 1 security vulnerability Nov 20, 2017 Nov 20, 2017
Intel Unite ® App denial of service and information disclosure vulnerability Nov 14, 2017 Nov 14, 2017
Intel® NUC BIOS Security Updates Oct 10, 2017 Oct 6, 2017
Intel AMT® Upgradable to Vulnerable Firmware Sep 5, 2017 Sep 5, 2017
Intel® SSD 540s, Intel® SSD Pro 5400s, Intel® SSD E 5400s, and Intel® SSD DC S3100 data corruption vulnerability Aug 8, 2017 Aug 8, 2017
Intel® SSD Pro 6000p Series data corruption vulnerability Aug 8, 2017 Aug 8, 2017
Denial of Service in Kernel in multiple versions of the Intel Graphics Driver allows local attacker to perform a Denial of Service via an Out of Bounds Read Aug 1, 2017 Jul 31, 2017
SGX Update Jul 25, 2017 Jul 25, 2017
Intel® AMT Clickjacking Vulnerability
Jun 5, 2017 Jun 5, 2017
Intel® Solid State Drive Toolbox™ Escalation of Privilege Vulnerability
May 30, 2017 May 30, 2017
Intel® Branded NUC’s Vulnerable to SMM exploit
May 2, 2017 May 2, 2017
Intel® Hardware Accelerated Execution Manager Driver Privilege Escalation Vulnerability
Apr 3, 2017 Apr 3, 2017
Intel® NUC and Intel® Compute Stick DCI Disable
Apr 3, 2017 Apr 3, 2017
Intel® QuickAssist Technology RSA-CRT Vulnerability
Mar 7, 2017 Mar 7, 2017
Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.
Feb 28, 2017 Feb 28, 2017
Intel® Ethernet Controller X710/XL710 Driver Security Vulnerability Feb 27, 2017 Feb 27, 2017
Vulnerability in Intel® RealSense™ Web Component allows authenticated users to elevate privileges via updater subsystem
Feb 7, 2017 Feb 7, 2017
Intel® Ethernet Controller X710/XL710 NVM Security Vulnerability Jan 9, 2017 Jan 9, 2017
Multiple Intel Software Products impacted by CVE-2016-2108
Dec 12, 2016 Dec 12, 2016
Intel® PROSet/Wireless Software Denial of Service
Dec 7, 2016 Dec 7, 2016
Intel® Wireless Bluetooth® Driver Unquoted Service Path
Dec 6, 2016 Dec 6, 2016
Intel® Branded NUC’s Vulnerable to SMM Exploit
Nov 29, 2016 Oct 3, 2016
Stack overflow vulnerability in Wind River VxWorks
Nov 1, 2016 Nov 1, 2016
Vulnerability in Intel SSD Toolbox allows authenticated users to elevate privileges via updater subsystem
Oct 4, 2016 Oct 4, 2016
A vulnerability in Intel Integrated Performance Primitives (IPP) Cryptography allows local users to recover the RSA private key via a potential side-channel.
Oct 4, 2016 Oct 4, 2016
SmmRuntime Escalation of Privilege Sep 30, 2016 Aug 8, 2016
Multiple Intel Software Products impacted by CVE-2016-4300
Sep 13, 2016 Sep 13, 2016
Multiple Potential Vulnerabilities in the Intel® Graphics Driver for Microsoft Windows
Aug 31, 2016 Jul 11, 2016
Certain Intel® SATA Solid State Drives Impacted by ATA Drive Password Vulnerability
Aug 1, 2016 Aug 1, 2016
Vulnerability impacting the Intel® Solid-State Drive 540s Series, Intel® Solid State Drive E 5400s Series and Intel® Solid State Drive DC S3100 Series drives
Aug 1, 2016 Jun 14, 2016
Potential vulnerability in the Intel® Ethernet Controller X710 and XL710 product families May 31, 2016 May 31, 2016
Multiple Intel Software Products and Services impacted by CVE-2015-7547 May 26, 2016 Mar 08, 2016
Potential vulnerability in the Intel® Ethernet diagnostics driver for Windows® May 06, 2016 Apr 11, 2016
Potential vulnerability in Intel® SSD Data Center Family for SATA Mar 15, 2016 Mar 15, 2016
Potential vulnerability in the Intel® Driver Update Utility Jan 19, 2016 Jan 19, 2016
Potential vulnerability of Intel® SSD 750 Series and Intel® SSD DC P3500 Series Nov 17, 2015 Nov 17, 2015
Local APIC Elevation of Privilege
Sep 3, 2015 Aug 4, 2015
Configuration Bypass During S3 Resume
Aug 13, 2015 Jun 29, 2015
Potential Vulnerability with Intel® LAN Products with SR-IOV
Aug 12, 2015 Aug 12, 2015
Potential vulnerability in Intel® SSD Pro 1500 Series (Opal ready SKU)
Jul 13, 2015 Jul 13, 2015
Enhanced Protection of UEFI Variables
Apr 3, 2015 May 27, 2014
Privilege Elevation Issue Affecting Some Intel® Solid-State Drive Data Center Family for PCIe Products
Feb 9, 2015 Feb 9, 2015
BIOS Security Updates for Multiple Issues
Jan 7, 2015 Dec 23, 2014
ASLR bypass issue affecting multiple Intel® Software Development Products
Nov 3, 2014 Sep 22, 2014
Multiple Security Issues with Intel® Manycore Platform Software Stack (Intel® MPSS) release 3.x
Aug 26, 2014 Aug 26, 2014
Multiple Intel Software Products and API Services impacted by CVE-2014-0160 Apr 30, 2014 Apr 15, 2014
Intel® Manycore Platform Software Stack Privilege Escalation
Mar 31, 2014 Mar 31, 2014
SINIT Authenticated Code Module Privilege Escalation
Jul 1, 2013 Jul 1, 2013
Potential for Signature Integrity Compromise and HMAC secret recovery in Intel® Integrated Performance Primitives (Intel® IPP) Cryptography Domain
Oct 29, 2012 Oct 29, 2012
Potential for signature integrity compromise in Intel® Integrated Performance Primitives (Intel® IPP) Cryptography Domain
Sep 11, 2012 Sep 11, 2012
Privilege Escalation in Intel® Hybrid Cloud (IHC)
Jul 19, 2012 Jul 10, 2012
Low Entropy RSA Issue in Intel EPSD Baseboard Management Controller (BMC) Firmware
Jul 3, 2012 Jul 3, 2012
SINIT Buffer Overflow Vulnerability
Dec 6, 2011 Dec 5, 2011
Intel® Active System Console v4.4 and Intel® Multi-Server Manager v1.0 Denial of Service
Aug 8, 2011 Aug 8, 2011
Intel® Ethernet 82598 and 82599 10 Gigabit Ethernet Controller Denial of Service.
May 18, 2011 May 18, 2011
Intel® C++ Compiler and Intel® Fortran Compiler Insecure File Permission Local Privilege Escalation Vulnerability Dec 20, 2010 Dec 21, 2010
Intel®Xeon® 5500, 5600 Series Baseboard Management Component (BMC) Firmware Privilege Escalation
Nov 1, 2010 Nov 1, 2010
Intel® Math Kernel Library Insecure File Permission Local Privilege Escalation
Jul 23, 2010 Jul 20, 2010
OpenSSL* vulnerability – Software Development Tools for Intel® Active Management Technology (Intel® AMT)
Jul 20, 2010 Jul 20, 2010
Intel® Active Management Technology Software Development Kit Remote Code Execution
Mar 29, 2010 Mar 29, 2010
Intel® Desktop Boards Privilege Escalation
Feb 16, 2010 Feb 1, 2010
SINIT misconfiguration allows for Privilege Escalation
Dec 21, 2009
Dec 21, 2009
Intel® Desktop Board Buffer Overflow Local Privilege Escalation
Oct 30, 2009 Oct 30, 2009
New BIOS available for Intel® Desktop Board products BIOS to prevent unauthorized downgrading to a previous BIOS version.
Oct 16, 2009 Oct 16, 2009
Intel® Desktop and Intel® Server Boards Privilege Escalation
Oct 5, 2009 Jul 28, 2009
Intel Keyboard Buffer Information Disclosure Vulnerability Aug 25, 2008 Aug 25, 2008
Intel® Desktop and Intel® Mobile Boards Privilege Escalation
Aug 25, 2008 Aug 25, 2008
Intel® LAN Driver Buffer Overflow Local Privilege Escalation
Jan 24, 2008 Jan 12, 2007
Intel® Enterprise Southbridge 2 Baseboard Management Controller Denial of Service
Jan 19, 2007 Jan 19, 2007
Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation Jan 12, 2007 Jan 12, 2007
Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution
Jan 12, 2007 Jan 12, 2007
Intel® PROSet/Wireless Software Local Information Disclosure
Jan 12, 2007 Jan 12, 2007

Report a Vulnerability

If you have information about a security issue or vulnerability with an Intel branded product or technology, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

  • The products and versions affected
  • Detailed description of the vulnerability
  • Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

For issues related to Intel managed open source projects, please visit http://www.01.org/security

Intel's Bug Bounty Program

Intel Corporation believes that working with skilled security researchers across the globe is a crucial part of identifying and mitigating security vulnerabilities in Intel products.

Like other major technology companies, Intel incentivizes security researchers to report security vulnerabilities in Intel products to us to enable a coordinated response. To encourage closer collaboration with the security research community on these kinds of issues, Intel created its Bug Bounty Program.

If you believe you've found a security vulnerability in an Intel product or technology, we encourage you to notify us through our program and work with us to mitigate and to coordinate disclosure of the vulnerability.

Read full details.

Need product support?

The secure@intel.com e-mail address should only be used for reporting security issues.

If you...

  • Have questions about the security features of an Intel product
  • Require technical support
  • Want product updates or patches


Please visit Support & Downloads.