Intel One Boot Flash Update — known CVE vulnerabilities
Every CVE whose affected-product data names Intel One Boot Flash Update, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-41784 — CVSS 8.8 (high): Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to…
CVE-2023-32204 — CVSS 8.8 (high): Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable…
CVE-2023-29157 — CVSS 8.4 (high): Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable…
CVE-2022-42465 — CVSS 7.2 (high): Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to…
CVE-2023-25945 — CVSS 6.7 (medium): Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable…
CVE-2023-29161 — CVSS 6.7 (medium): Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable…
CVE-2021-33104 — CVSS 6.5 (medium): Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of…