Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 18, 2023
Severity Medium Analysis Summary Lumma is an information stealer that is sold as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums and Telegram. Lumma is an information […]September 18, 2023Severity Medium Analysis Summary CVE-2023-4948 CVSS:4.3 WooCommerce CVR Payment Gateway Plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by missing capability […]September 18, 2023Severity High Analysis Summary Microsoft has stated that a ransomware group working with an initial access broker has recently started using Microsoft Teams for their phishing […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 18, 2023Severity Medium Analysis Summary Lumma is an information stealer that is sold as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums and Telegram. Lumma is an information […]September 18, 2023Severity Medium Analysis Summary CVE-2023-4948 CVSS:4.3 WooCommerce CVR Payment Gateway Plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by missing capability […]September 18, 2023Severity High Analysis Summary Microsoft has stated that a ransomware group working with an initial access broker has recently started using Microsoft Teams for their phishing […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – CVE-2022-41103 – Microsoft Word Vulnerability
November 10, 2022Rewterz Threat Advisory – Intel Quartus Prime Pro and Intel Quartus Prime Standard Vulnerabilities
November 11, 2022
Severity
Medium
Analysis Summary
CVE-2022-26047 CVSS:4.3
Intel devices are vulnerable to a denial of service, caused by improper input validation. A remote attacker within the local network could exploit this vulnerability to cause a denial of service.
CVE-2022-26086 CVSS:6.7
Intel PresentMon could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path element. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-30297 CVSS:3.8
Intel Endpoint Management Assistant could allow a local authenticated attacker to gain elevated privileges on the system, caused by cross-site scripting. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-33973 CVSS:3.3
Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
CVE-2022-36367 CVSS:4.4
Intel Support Android application could allow a local authenticated attacker to obtain sensitive information, caused by incorrect default permissions. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
CVE-2022-30691 CVSS:5.9
Intel Support Android application is vulnerable to a denial of service, caused by uncontrolled resource consumption. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-26341 CVSS:8.2
Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficiently protected credentials. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-26028 CVSS:6.7
Intel VTune Profiler software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-21198 CVSS:7.9
Intel processors could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time-of-check time-of-use race condition in the BIOS firmware. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2021-33064 CVSS:6.7
Intel System Studio could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path in the software installer. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2021-26251 CVSS:5.3
Intel Distribution of OpenVINO Toolkit is vulnerable to a denial of service, caused by improper input validation. A remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-30548 CVSS:6.7
Intel Glorp could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path element. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-27499 CVSS:2.5
Intel SGX SDK could allow a local authenticated attacker to obtain sensitive information, caused by the premature release of resource during expected lifetime. An attacker could exploit this vulnerability to obtain sensitive information.
CVE-2022-26006 CVSS:8.2
Intel could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the BIOS firmware. An attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Denial of Service
- Privilege Escalation
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-26047
- CVE-2022-26086
- CVE-2022-30297
- CVE-2022-33973
- CVE-2022-36367
- CVE-2022-30691
- CVE-2022-26341
- CVE-2022-26028
- CVE-2022-21198
- CVE-2021-33064
- CVE-2021-26251
- CVE-2022-30548
- CVE-2022-27499
- CVE-2022-26006
Affected Vendors
Intel
Affected Products
- Intel PresentMon 1.6.9
- Intel PresentMon 1.7.0
- Intel Endpoint Management Assistant 1.7.8
- Intel Endpoint Management Assistant 1.7.9
- Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 22.2149.0.0
- Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 22.2150.0.0
- Intel Support Android application 21.7.39
- Intel Support Android application 22.02.27
- Intel Active Management Technology 16.0.4.0
- Intel Endpoint Management Assistant 1.7.0
- Intel Manageability Commander 2.3.1
- Intel VTune Profiler 2022
- Intel VTune Profiler 2022.1
- Intel 10th Generation Intel Core Processor Family
- Intel 12th Gen Intel Core processor
- Intel Xeon E processor family
- Intel System Studio
- Intel Distribution of OpenVINO Toolkit 2021.4.0
- Intel Distribution of OpenVINO Toolkit 2021.4.1
- Intel Glorp 1.0.0
- Intel Xeon E Processor
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.
CVE-2022-26047
CVE-2022-26086
CVE-2022-30297
CVE-2022-33973
CVE-2022-36367
CVE-2022-30691
CVE-2022-26341
CVE-2022-26028
CVE-2022-21198
CVE-2021-33064
CVE-2021-26251
CVE-2022-30548
CVE-2022-27499
CVE-2022-26006