- 85/2024
- High
Intel has released security updates to address several vulnerabilities in multiple Intel products.
The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected products.
Samples of the addressed vulnerabilities:
1. 4th Generation Intel Xeon Processors using Intel SGX or Intel TDX Privilege Escalation Vulnerability (CVE-2023-32666):
- CVSS: 7.2
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: High
- User Interaction: None
- Consequences: Gain Privileges
2. Multiple Intel Processors Denial of Service Vulnerability (CVE-2023-39368):
- CVSS: 6.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Denial of Service
Sample of the affected products:
- Intel Xeon D Processor.
- Intel Xeon CPU Max Series processors.
- 4th Generation Intel Xeon Scalable, Platinum, Gold, Silver, and Bronze processors.
Vulnerabilities
- CVE-2023-43490
- CVE-2023-32666
- CVE-2023-39368
- CVE-2023-38575
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.