Vulnerability-Lookup

CVE-2024-45332 (GCVE-0-2024-45332)

Vulnerability from cvelistv5 – Published: 2025-05-13 21:03 – Updated: 2025-11-03 19:30

Summary

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Severity ?

5.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

Information Disclosure
CWE-1423 - Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution

Assigner

intel

References

URL

Tags

https://intel.com/content/www/us/en/security-cent…

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Processors	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:30:52.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/13/7"
          },
          {
            "url": "https://comsec.ethz.ch/research/microarch/branch-privilege-injection/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45332",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-14T13:56:46.683867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-14T13:57:24.912Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en"
            },
            {
              "cweId": "CWE-1423",
              "description": "Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-13T21:03:12.207Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2024-45332",
    "datePublished": "2025-05-13T21:03:12.207Z",
    "dateReserved": "2024-09-19T03:00:23.104Z",
    "dateUpdated": "2025-11-03T19:30:52.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/05/13/7\"}, {\"url\": \"https://comsec.ethz.ch/research/microarch/branch-privilege-injection/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:30:52.919Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45332\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-14T13:56:46.683867Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-14T13:57:17.969Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) Processors\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html\", \"name\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Information Disclosure\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1423\", \"description\": \"Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2025-05-13T21:03:12.207Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-45332\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T19:30:52.919Z\", \"dateReserved\": \"2024-09-19T03:00:23.104Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2025-05-13T21:03:12.207Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-M3HM-6GQP-PF9F

Vulnerability from github – Published: 2025-05-13 21:30 – Updated: 2025-11-03 21:33

Details

Severity ?

5.6 (Medium)


                  
                    CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

5.7 (Medium)


                  
                    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-45332"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T21:16:01Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
  "id": "GHSA-m3hm-6gqp-pf9f",
  "modified": "2025-11-03T21:33:54Z",
  "published": "2025-05-13T21:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45332"
    },
    {
      "type": "WEB",
      "url": "https://comsec.ethz.ch/research/microarch/branch-privilege-injection"
    },
    {
      "type": "WEB",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/05/13/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

FKIE_CVE-2024-45332

Vulnerability from fkie_nvd - Published: 2025-05-13 21:16 - Updated: 2025-11-03 20:16

Severity ?

5.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Summary

References

	URL	Tags
	secure@intel.com	https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/05/13/7
	af854a3a-2127-422b-91ae-364da2661108	https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
	af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "La exposici\u00f3n de informaci\u00f3n confidencial causada por el estado del predictor microarquitect\u00f3nico compartido que influye en la ejecuci\u00f3n transitoria en los predictores de rama indirecta para algunos Intel(R) Processors puede permitir que un usuario autenticado habilite potencialmente la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2024-45332",
  "lastModified": "2025-11-03T20:16:30.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 4.0,
        "source": "secure@intel.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "secure@intel.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-13T21:16:01.230",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2025/05/13/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://comsec.ethz.ch/research/microarch/branch-privilege-injection/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Awaiting Analysis"
}

CNVD-2025-21314

Vulnerability from cnvd - Published: 2025-09-16

Title

Intel Processors信息泄露漏洞

Description

Intel Processors是英特尔公司生产的处理器系列，涵盖笔记本电脑、台式机、工作站及服务器等多个领域，提供从基础到专业级的性能支持。 Intel Processors存在信息泄露漏洞，该漏洞源于共享微架构预测器状态敏感信息泄露，攻击者可利用该漏洞导致本地信息泄露。

Severity

低

Patch Name

Intel Processors信息泄露漏洞的补丁

Patch Description

Intel Processors是英特尔公司生产的处理器系列，涵盖笔记本电脑、台式机、工作站及服务器等多个领域，提供从基础到专业级的性能支持。 Intel Processors存在信息泄露漏洞，该漏洞源于共享微架构预测器状态敏感信息泄露，攻击者可利用该漏洞导致本地信息泄露。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html

Reference

http://www.openwall.com/lists/oss-security/2025/05/13/7

Impacted products

Name
Intel Processors

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-45332",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-45332"
    }
  },
  "description": "Intel Processors\u662f\u82f1\u7279\u5c14\u516c\u53f8\u751f\u4ea7\u7684\u5904\u7406\u5668\u7cfb\u5217\uff0c\u6db5\u76d6\u7b14\u8bb0\u672c\u7535\u8111\u3001\u53f0\u5f0f\u673a\u3001\u5de5\u4f5c\u7ad9\u53ca\u670d\u52a1\u5668\u7b49\u591a\u4e2a\u9886\u57df\uff0c\u63d0\u4f9b\u4ece\u57fa\u7840\u5230\u4e13\u4e1a\u7ea7\u7684\u6027\u80fd\u652f\u6301\u3002\n\nIntel Processors\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5171\u4eab\u5fae\u67b6\u6784\u9884\u6d4b\u5668\u72b6\u6001\u654f\u611f\u4fe1\u606f\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-21314",
  "openTime": "2025-09-16",
  "patchDescription": "Intel Processors\u662f\u82f1\u7279\u5c14\u516c\u53f8\u751f\u4ea7\u7684\u5904\u7406\u5668\u7cfb\u5217\uff0c\u6db5\u76d6\u7b14\u8bb0\u672c\u7535\u8111\u3001\u53f0\u5f0f\u673a\u3001\u5de5\u4f5c\u7ad9\u53ca\u670d\u52a1\u5668\u7b49\u591a\u4e2a\u9886\u57df\uff0c\u63d0\u4f9b\u4ece\u57fa\u7840\u5230\u4e13\u4e1a\u7ea7\u7684\u6027\u80fd\u652f\u6301\u3002\r\n\r\nIntel Processors\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5171\u4eab\u5fae\u67b6\u6784\u9884\u6d4b\u5668\u72b6\u6001\u654f\u611f\u4fe1\u606f\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Processors\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel Processors"
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2025/05/13/7",
  "serverity": "\u4f4e",
  "submitTime": "2025-05-28",
  "title": "Intel Processors\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CERTFR-2025-AVI-0402

Vulnerability from certfr_avis - Published: 2025-05-14 - Updated: 2025-05-14

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Intel	N/A	Intel RealSense SDK software versions antérieures à 2.56.2.
Intel	N/A	Intel Advisor standalone component software software versions antérieures à 2024.2.
Intel	N/A	Intel Server Board D50DNP et M50FCP UEFI versions antérieures à R01.02.0003.
Intel	N/A	Intel Ethernet Connections Boot Utility versions antérieures à 29.4.
Intel	N/A	9th Gen Intel Core processor family
Intel	N/A	OpenVINO model server software maintained by Intel versions antérieures à 2024.4.
Intel	N/A	Intel oneAPI Level Zero software versions antérieures à 1.5.4.
Intel	N/A	NVM Update Utility for Intel Ethernet Network Adapter E810 Series versions antérieures à 4.6.
Intel	N/A	Intel Arc Pro graphics versions antérieures à 32.0.101.6303.
Intel	N/A	Intel Graphics Driver software versions antérieures à 32.0.101.6083_101.5736.
Intel	N/A	Intel oneAPI Base Toolkit versions antérieures à 2024.2.
Intel	N/A	Intel Atom, Pentium et Celeron processor family
Intel	N/A	Intel Iris Xe Dedicated Graphics family
Intel	N/A	Edge Orchestrator software versions antérieures à 24.11 for Intel Tiber Edge Platform.
Intel	N/A	Endurance Gaming Mode software versions antérieures à 1.5.651.0.
Intel	N/A	Intel QAT software versions antérieures à 2.3.0.
Intel	N/A	Intel Network Adapter Driver for Microsoft Windows 11 versions antérieures à 29.4.
Intel	N/A	13th Gen Intel Core processor family
Intel	N/A	12th Gen Intel Core processor family
Intel	N/A	FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler software for Windows versions antérieures à 2025.0.0.
Intel	N/A	7th-10th Gen Intel Core processor family versions antérieures à 31.0.101.2134.
Intel	N/A	Intel Atom, Pentium et Celeron processors versions antérieures à 31.0.101.2134.
Intel	N/A	Intel Arc Graphics family
Intel	N/A	Intel Data Center GPU Flex Series versions antérieures à 32.0.101.6314.
Intel	N/A	10th Gen Intel Core processor family
Intel	N/A	Intel Graphics Windows DCH driver software versions antérieures à 30.0.100.9955.
Intel	N/A	Intel 7th-10th Gen Processor Graphics for Windows driver versions antérieures à 31.0.101.2130:
Intel	N/A	Intel Data Center GPU Flex Series for Windows driver versions antérieures à 31.0.101.4314: Intel Data Center GPU Flex 140 Intel Data Center GPU Flex 170
Intel	N/A	Administrative Tools for Intel Network Adapters versions antérieures à 29.4.
Intel	N/A	Intel Arc et Iris Xe Graphics for Windows driver versions antérieures à 32.0.101.6083/32.0.101.5736:
Intel	N/A	Intel Graphics Drivers pour Intel Arc graphics versions antérieures à 32.0.101.6449/32.0.101.6256.
Intel	N/A	Intel 6th Gen Processor Graphics driver toutes versions.
Intel	N/A	Intel Core Ultra processor family
Intel	N/A	11th Gen Intel Core processor family
Intel	N/A	8th Gen Intel Core processor family
Intel	N/A	Intel Graphics Windows DCH driver software versions antérieures à 30.0.101.1191.
Intel	N/A	Intel Ethernet Adapter Complete Driver Pack versions antérieures à 29.4.
Intel	N/A	7th Gen Intel Core processor family
Intel	N/A	Intel Gaudi software installer versions antérieures à before 1.18.
Intel	N/A	Intel oneAPI DPC++/C++ Compiler software versions antérieures à 2025.0.0
Intel	N/A	Intel Arc™ Pro A-series graphics versions antérieures à 30.0.101.1729.
Intel	N/A	Intel Core Processor with Intel Hybrid Technology
Intel	N/A	Intel Simics Package Manager software versions antérieures à 1.12.0.
Intel	N/A	14th Gen Intel Core processor family
Intel	N/A	Intel Pentium et Celeron processor family
Intel	N/A	Intel Arc™ A-Series graphics versions antérieures à 31.0.101.3277.
Intel	N/A	Intel Iris Xe graphics versions antérieures à 32.0.101.6449/32.0.101.6256.

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-01268	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01216	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01271	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01290	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01252	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01274	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01293	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01305	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01263	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01244	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01254	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01270	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01272	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01297	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01259	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01278	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01239	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01273	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01180	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01295	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01253	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01243	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01269	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01247	2025-05-13	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-01294	2025-05-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel RealSense SDK software versions ant\u00e9rieures \u00e0 2.56.2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Advisor standalone component software software versions ant\u00e9rieures \u00e0 2024.2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board D50DNP et M50FCP UEFI versions ant\u00e9rieures \u00e0 R01.02.0003.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Ethernet Connections Boot Utility versions ant\u00e9rieures \u00e0 29.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "9th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "OpenVINO model server software maintained by Intel versions ant\u00e9rieures \u00e0 2024.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Level Zero software versions ant\u00e9rieures \u00e0 1.5.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "NVM Update Utility for Intel Ethernet Network Adapter E810 Series versions ant\u00e9rieures \u00e0 4.6.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Arc Pro graphics versions ant\u00e9rieures \u00e0 32.0.101.6303.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Driver software versions ant\u00e9rieures \u00e0 32.0.101.6083_101.5736.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2024.2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom, Pentium et Celeron processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Iris Xe Dedicated Graphics family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Edge Orchestrator software versions ant\u00e9rieures \u00e0 24.11 for Intel Tiber Edge Platform.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Endurance Gaming Mode software versions ant\u00e9rieures \u00e0 1.5.651.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel QAT software versions ant\u00e9rieures \u00e0 2.3.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Network Adapter Driver for Microsoft Windows 11 versions ant\u00e9rieures \u00e0 29.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "13th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "12th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler software for Windows versions ant\u00e9rieures \u00e0 2025.0.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "7th-10th Gen Intel Core processor family versions ant\u00e9rieures \u00e0 31.0.101.2134.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Atom, Pentium et Celeron processors versions ant\u00e9rieures \u00e0 31.0.101.2134.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Arc Graphics family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center GPU Flex Series versions ant\u00e9rieures \u00e0 32.0.101.6314.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "10th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Windows DCH driver software versions ant\u00e9rieures \u00e0 30.0.100.9955.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel 7th-10th Gen Processor Graphics for Windows driver versions ant\u00e9rieures \u00e0 31.0.101.2130:",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center GPU Flex Series for Windows driver versions ant\u00e9rieures \u00e0 31.0.101.4314:\n\nIntel Data Center GPU Flex 140\nIntel Data Center GPU Flex 170\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Administrative Tools for Intel Network Adapters versions ant\u00e9rieures \u00e0 29.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Arc et Iris Xe Graphics for Windows driver versions ant\u00e9rieures \u00e0 32.0.101.6083/32.0.101.5736:",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Drivers pour Intel Arc graphics versions ant\u00e9rieures \u00e0 32.0.101.6449/32.0.101.6256.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel 6th Gen Processor Graphics driver toutes versions.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Core Ultra processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "11th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "8th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Graphics Windows DCH driver software versions ant\u00e9rieures \u00e0 30.0.101.1191.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Ethernet Adapter Complete Driver Pack versions ant\u00e9rieures \u00e0 29.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "7th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Gaudi software installer versions ant\u00e9rieures \u00e0 before 1.18.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel oneAPI DPC++/C++ Compiler software versions ant\u00e9rieures \u00e0 2025.0.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Arc\u2122 Pro A-series graphics versions ant\u00e9rieures \u00e0 30.0.101.1729.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Core Processor with Intel Hybrid Technology",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Simics Package Manager software versions ant\u00e9rieures \u00e0 1.12.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "14th Gen Intel Core processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Pentium et Celeron processor family",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Arc\u2122 A-Series graphics versions ant\u00e9rieures \u00e0 31.0.101.3277.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Iris Xe graphics versions ant\u00e9rieures \u00e0 32.0.101.6449/32.0.101.6256.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-20618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20618"
    },
    {
      "name": "CVE-2025-20008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20008"
    },
    {
      "name": "CVE-2024-31150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31150"
    },
    {
      "name": "CVE-2025-20041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20041"
    },
    {
      "name": "CVE-2025-20043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20043"
    },
    {
      "name": "CVE-2025-21099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21099"
    },
    {
      "name": "CVE-2025-22892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22892"
    },
    {
      "name": "CVE-2025-20084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20084"
    },
    {
      "name": "CVE-2025-20022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20022"
    },
    {
      "name": "CVE-2025-23233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23233"
    },
    {
      "name": "CVE-2025-20095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20095"
    },
    {
      "name": "CVE-2025-20101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20101"
    },
    {
      "name": "CVE-2024-45067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45067"
    },
    {
      "name": "CVE-2024-43420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43420"
    },
    {
      "name": "CVE-2025-22848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22848"
    },
    {
      "name": "CVE-2025-20039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20039"
    },
    {
      "name": "CVE-2025-20006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20006"
    },
    {
      "name": "CVE-2025-22843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22843"
    },
    {
      "name": "CVE-2025-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21094"
    },
    {
      "name": "CVE-2025-20616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20616"
    },
    {
      "name": "CVE-2025-22446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22446"
    },
    {
      "name": "CVE-2024-48869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48869"
    },
    {
      "name": "CVE-2024-28954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28954"
    },
    {
      "name": "CVE-2024-39833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39833"
    },
    {
      "name": "CVE-2025-20003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20003"
    },
    {
      "name": "CVE-2025-20629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20629"
    },
    {
      "name": "CVE-2024-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21829"
    },
    {
      "name": "CVE-2025-20018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20018"
    },
    {
      "name": "CVE-2025-22895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22895"
    },
    {
      "name": "CVE-2024-43101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43101"
    },
    {
      "name": "CVE-2025-20013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20013"
    },
    {
      "name": "CVE-2025-22844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22844"
    },
    {
      "name": "CVE-2025-20057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20057"
    },
    {
      "name": "CVE-2025-21100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21100"
    },
    {
      "name": "CVE-2024-47550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47550"
    },
    {
      "name": "CVE-2024-39758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39758"
    },
    {
      "name": "CVE-2024-21859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21859"
    },
    {
      "name": "CVE-2025-20612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20612"
    },
    {
      "name": "CVE-2025-20046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20046"
    },
    {
      "name": "CVE-2024-47800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47800"
    },
    {
      "name": "CVE-2025-24308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24308"
    },
    {
      "name": "CVE-2025-20611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20611"
    },
    {
      "name": "CVE-2024-28047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28047"
    },
    {
      "name": "CVE-2025-20082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20082"
    },
    {
      "name": "CVE-2025-20054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20054"
    },
    {
      "name": "CVE-2025-20034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20034"
    },
    {
      "name": "CVE-2025-20047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20047"
    },
    {
      "name": "CVE-2024-31073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31073"
    },
    {
      "name": "CVE-2025-20079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20079"
    },
    {
      "name": "CVE-2025-20052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20052"
    },
    {
      "name": "CVE-2024-29222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29222"
    },
    {
      "name": "CVE-2025-21081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21081"
    },
    {
      "name": "CVE-2025-22448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22448"
    },
    {
      "name": "CVE-2025-20015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20015"
    },
    {
      "name": "CVE-2025-20083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20083"
    },
    {
      "name": "CVE-2025-20026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20026"
    },
    {
      "name": "CVE-2025-20624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20624"
    },
    {
      "name": "CVE-2025-20103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20103"
    },
    {
      "name": "CVE-2024-46895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46895"
    },
    {
      "name": "CVE-2024-36292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36292"
    },
    {
      "name": "CVE-2025-20071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20071"
    },
    {
      "name": "CVE-2025-20031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20031"
    },
    {
      "name": "CVE-2025-20100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20100"
    },
    {
      "name": "CVE-2025-20104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20104"
    },
    {
      "name": "CVE-2024-31157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31157"
    },
    {
      "name": "CVE-2025-20108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20108"
    },
    {
      "name": "CVE-2025-20623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20623"
    },
    {
      "name": "CVE-2025-20076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20076"
    },
    {
      "name": "CVE-2024-28036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28036"
    },
    {
      "name": "CVE-2024-45333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45333"
    },
    {
      "name": "CVE-2024-47795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47795"
    },
    {
      "name": "CVE-2025-20032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20032"
    },
    {
      "name": "CVE-2025-20004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20004"
    },
    {
      "name": "CVE-2025-20009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20009"
    },
    {
      "name": "CVE-2024-31155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31155"
    },
    {
      "name": "CVE-2025-20062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20062"
    },
    {
      "name": "CVE-2024-45332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45332"
    },
    {
      "name": "CVE-2024-45371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45371"
    },
    {
      "name": "CVE-2025-20030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20030"
    }
  ],
  "initial_release_date": "2025-05-14T00:00:00",
  "last_revision_date": "2025-05-14T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0402",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01268",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01268.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01216",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01216.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01271",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01271.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01290",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01290.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01252",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01252.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01274",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01274.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01293",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01293.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01305",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01305.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01263",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01263.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01244",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01254",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01254.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01270",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01270.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01272",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01272.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01297",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01297.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01259",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01259.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01278",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01278.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01239",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01239.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01273",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01273.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01180",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01180.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01295",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01295.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01253",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01243",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01243.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01269",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01269.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01247",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html"
    },
    {
      "published_at": "2025-05-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01294",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01294.html"
    }
  ]
}

CERTFR-2025-AVI-0746

Vulnerability from certfr_avis - Published: 2025-08-29 - Updated: 2025-08-29

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Cognos Dashboards	Cognos Command Center versions 10.2.4.1 et 10.2.5 antérieures à 10.2.5 FP1 IF1
IBM	Sterling	Sterling Secure Proxy versions 6.1.0.x antérieures à 6.1.0.2 GA
IBM	QRadar	QRadar SIEM versions 7.5.0 antérieures à QRadar 7.5.0 UP13 IF01
IBM	Sterling	Sterling Connect:Direct pour Microsoft Windows versions 6.4.x antérieures à 6.4.0.3
IBM	WebSphere	WebSphere Remote Server versions 9.1, 8.0 et 8.5 sans le dernier correctif de sécurité
IBM	Cognos Dashboards	Cognos Dashboards on Cloud Pak for Data versions 5.x antérieures à 5.2.1
IBM	Sterling	Sterling Secure Proxy versions 6.2.0.x antérieures à 6.2.0.2 GA
IBM	QRadar	QRadar Incident Forensics versions 7.5.0 antérieures à QIF 7.5.0 UP13 IF01
IBM	Sterling	Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.3 GA
IBM	Sterling	Sterling Connect:Direct pour Microsoft Windows versions 6.3.x antérieures à 6.3.0.6
IBM	Db2	Db2 Bridge versions antérieures à 1.1.1

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7243411	2025-08-28	vendor-advisory
Bulletin de sécurité IBM 7242915	2025-08-22	vendor-advisory
Bulletin de sécurité IBM 7243372	2025-08-28	vendor-advisory
Bulletin de sécurité IBM 7242159	2025-08-26	vendor-advisory
Bulletin de sécurité IBM 7243146	2025-08-26	vendor-advisory
Bulletin de sécurité IBM 7242161	2025-08-28	vendor-advisory
Bulletin de sécurité IBM 7243144	2025-08-26	vendor-advisory
Bulletin de sécurité IBM 7243011	2025-08-25	vendor-advisory
Bulletin de sécurité IBM 7243373	2025-08-28	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cognos Command Center versions 10.2.4.1 et 10.2.5 ant\u00e9rieures \u00e0 10.2.5 FP1 IF1",
      "product": {
        "name": "Cognos Dashboards",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Secure Proxy versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 GA",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 QRadar 7.5.0 UP13 IF01",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct pour Microsoft Windows versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.3",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Remote Server versions 9.1, 8.0 et 8.5 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Dashboards on Cloud Pak for Data versions 5.x ant\u00e9rieures \u00e0 5.2.1",
      "product": {
        "name": "Cognos Dashboards",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Secure Proxy versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.2 GA",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Incident Forensics versions 7.5.0 ant\u00e9rieures \u00e0 QIF 7.5.0 UP13 IF01",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.3 GA",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct pour Microsoft Windows versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.6",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Bridge versions ant\u00e9rieures \u00e0 1.1.1",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
    },
    {
      "name": "CVE-2025-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
    },
    {
      "name": "CVE-2024-21144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
    },
    {
      "name": "CVE-2025-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24789"
    },
    {
      "name": "CVE-2022-50020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50020"
    },
    {
      "name": "CVE-2025-47944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47944"
    },
    {
      "name": "CVE-2024-50349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50349"
    },
    {
      "name": "CVE-2025-46835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46835"
    },
    {
      "name": "CVE-2024-57980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
    },
    {
      "name": "CVE-2024-43420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43420"
    },
    {
      "name": "CVE-2025-49794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
    },
    {
      "name": "CVE-2025-22004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
    },
    {
      "name": "CVE-2025-27614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27614"
    },
    {
      "name": "CVE-2022-49111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49111"
    },
    {
      "name": "CVE-2025-1470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1470"
    },
    {
      "name": "CVE-2022-49058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2024-52006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52006"
    },
    {
      "name": "CVE-2025-4373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-48385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48385"
    },
    {
      "name": "CVE-2025-48060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
    },
    {
      "name": "CVE-2024-50154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50154"
    },
    {
      "name": "CVE-2025-27613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27613"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2024-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10917"
    },
    {
      "name": "CVE-2022-49136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49136"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2022-49846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49846"
    },
    {
      "name": "CVE-2019-17543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
    },
    {
      "name": "CVE-2025-38086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
    },
    {
      "name": "CVE-2025-48384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48384"
    },
    {
      "name": "CVE-2025-7783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2025-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1471"
    },
    {
      "name": "CVE-2025-38079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
    },
    {
      "name": "CVE-2025-20012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20012"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2025-37738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
    },
    {
      "name": "CVE-2024-53920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
    },
    {
      "name": "CVE-2025-48976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
    },
    {
      "name": "CVE-2025-21587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
    },
    {
      "name": "CVE-2025-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
    },
    {
      "name": "CVE-2024-52533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
    },
    {
      "name": "CVE-2024-28956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
    },
    {
      "name": "CVE-2025-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2697"
    },
    {
      "name": "CVE-2025-47935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47935"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2025-21928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
    },
    {
      "name": "CVE-2025-30761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2025-1494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1494"
    },
    {
      "name": "CVE-2025-1994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1994"
    },
    {
      "name": "CVE-2025-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
    },
    {
      "name": "CVE-2025-24495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24495"
    },
    {
      "name": "CVE-2025-30698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
    },
    {
      "name": "CVE-2022-49977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49977"
    },
    {
      "name": "CVE-2024-54661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54661"
    },
    {
      "name": "CVE-2025-37890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
    },
    {
      "name": "CVE-2025-22020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
    },
    {
      "name": "CVE-2025-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27533"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2025-55668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-58002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2025-21905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
    },
    {
      "name": "CVE-2024-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2025-38052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
    },
    {
      "name": "CVE-2025-2900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
    },
    {
      "name": "CVE-2025-53506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
    },
    {
      "name": "CVE-2019-5427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5427"
    },
    {
      "name": "CVE-2022-49788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49788"
    },
    {
      "name": "CVE-2025-20623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20623"
    },
    {
      "name": "CVE-2025-48997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48997"
    },
    {
      "name": "CVE-2020-5260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-5260"
    },
    {
      "name": "CVE-2025-49796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
    },
    {
      "name": "CVE-2025-21919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
    },
    {
      "name": "CVE-2024-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
    },
    {
      "name": "CVE-2024-34397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
    },
    {
      "name": "CVE-2025-21991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
    },
    {
      "name": "CVE-2025-7338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
    },
    {
      "name": "CVE-2025-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24790"
    },
    {
      "name": "CVE-2024-45332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45332"
    },
    {
      "name": "CVE-2025-47273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
    },
    {
      "name": "CVE-2025-23150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
    }
  ],
  "initial_release_date": "2025-08-29T00:00:00",
  "last_revision_date": "2025-08-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0746",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-08-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2025-08-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243411",
      "url": "https://www.ibm.com/support/pages/node/7243411"
    },
    {
      "published_at": "2025-08-22",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7242915",
      "url": "https://www.ibm.com/support/pages/node/7242915"
    },
    {
      "published_at": "2025-08-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243372",
      "url": "https://www.ibm.com/support/pages/node/7243372"
    },
    {
      "published_at": "2025-08-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7242159",
      "url": "https://www.ibm.com/support/pages/node/7242159"
    },
    {
      "published_at": "2025-08-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243146",
      "url": "https://www.ibm.com/support/pages/node/7243146"
    },
    {
      "published_at": "2025-08-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7242161",
      "url": "https://www.ibm.com/support/pages/node/7242161"
    },
    {
      "published_at": "2025-08-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243144",
      "url": "https://www.ibm.com/support/pages/node/7243144"
    },
    {
      "published_at": "2025-08-25",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243011",
      "url": "https://www.ibm.com/support/pages/node/7243011"
    },
    {
      "published_at": "2025-08-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7243373",
      "url": "https://www.ibm.com/support/pages/node/7243373"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-45332 (GCVE-0-2024-45332)

GHSA-M3HM-6GQP-PF9F

FKIE_CVE-2024-45332

CNVD-2025-21314

CERTFR-2025-AVI-0402

Solutions

CERTFR-2025-AVI-0746

Solutions

Tags

Sightings

Nomenclature