Rewterz Threat Alert – Mirai Botnet – Active IOCs
August 10, 2022Rewterz Threat Advisory – Multiple Intel AMT and Standard Manageability Vulnerabilities
August 10, 2022Rewterz Threat Alert – Mirai Botnet – Active IOCs
August 10, 2022Rewterz Threat Advisory – Multiple Intel AMT and Standard Manageability Vulnerabilities
August 10, 2022Severity
High
Analysis Summary
CVE-2022-34488 CVSS:7.5
Intel NUC Laptop Kit could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper buffer restrictions in the firmware. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-34345 CVSS:6.9
Intel NUC Laptop Kit could allow a physical authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the firmware. By performing specially-crafted operations, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-33209 CVSS:8.2
Intel NUC Laptop Kit could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the firmware. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-32579 CVSS:6.9
Intel NUC Laptop Kit could allow a physical authenticated attacker to gain elevated privileges on the system, caused by improper initialization in the firmware. By performing specially-crafted operations, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-28858 CVSS:8.2
Intel NUC Laptop Kit could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper buffer restriction in the firmware. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-27493 CVSS:7.5
Intel NUC Laptop Kit could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper initialization in the firmware. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-34488
- CVE-2022-34345
- CVE-2022-33209
- CVE-2022-32579
- CVE-2022-28858
- CVE-2022-27493
Affected Vendors
Intel
Affected Products
- Intel NUC M15 Laptop Kit LAPBC510
- Intel NUC M15 Laptop Kit LAPBC710
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.
INTEL Security Advisory