Intel microcode
This hub aggregates every CVE we track for Intel microcode, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
20
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM17HIGH3
Monthly trend
0
0
0
0
0
0
0
0
0
0
3
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Intel microcode.
- CVE-2025-20623Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th Generation) may allow an authent...5.6
- CVE-2025-20103Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.6.5
- CVE-2025-20054Uncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.6.5
- CVE-2023-39368Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access.6.5
- CVE-2022-41804Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.7.2
- CVE-2023-23908Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.6.0
- CVE-2022-40982Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable ...6.5
- CVE-2022-38090Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local a...6.0
- CVE-2022-33196Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potent...7.2
- CVE-2022-33972Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local a...6.1
- CVE-2022-21216Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privile...7.5
- CVE-2022-21127Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.5.5
- CVE-2021-33120Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or caus...5.4
- CVE-2021-0127Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.5.5
- CVE-2021-0145Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.5.5
Product normalization is registry-driven with AI assist and human review. How it works