Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
March 9, 2022Rewterz Threat Advisory – Multiple SAP Vulnerabilities
March 9, 2022Severity
High
Analysis Summary
CVE-2022-0002
Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by an issue with non-transparent sharing of branch predictor selectors between contexts. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-0001
Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by an issue with non-transparent sharing of branch predictor selectors between contexts. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2021-33150
Multiple Intel products could allow a physical attacker to gain elevated privileges on the system, caused by an issue with hardware allows activation of test or debug logic at runtime. By performing specially-crafted operations, an attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Information Disclosure
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2022-0002
- CVE-2022-0001
- CVE-2021-33150
Affected Vendors
Intel
Affected Products
- Intel Xeon Scalable Processor
- Intel 6th Gen Core Processors
- Intel 7th Gen Core Processors
- Intel 8th Gen Core Processors
- Intel Atom Processor A Series
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.