- 181/2022
- High
Intel has released security updates to address vulnerabilities in multiple products. The attackers could exploit some of these vulnerabilities to escalate privileges, disclose information or cause denial of service.
The released security updates are to address multiple products such as Intel Data Center Manager, Intel Active Management Technology (AMT) and Intel Standard Manageability, Intel® Driver & Support Assistant (DSA), Intel® PROSet/Wireless WiFi, Intel Ethernet 500/700 Series Controller drivers for VMWare, Intel Hardware Accelerated Execution Manager (HAXM), BIOS firmware for some Intel Processors and some of Intel Processors.
Samples of the addressed vulnerabilities:
- Intel Data Center Manager Software Privilege Escalation Vulnerability(CVE-2022-21225):
- CVSS: 9
- Attack Vector: Adjacent Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privileges
- Intel AMT and Standard Manageability Privilege Escalation Vulnerability (CVE-2022-30601):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Privileges
- Intel HAXM Privilege Escalation Vulnerability (CVE-2022-21812):
- CVSS: 8.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privileges
Vulnerabilities
Addressed vulnerabilities identified with each Intel product in the below link:
https://www.intel.com/content/www/us/en/security-center/default.html
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.
https://www.intel.com/content/www/us/en/security-center/default.html