November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – Multiple Microsoft SQL Vulnerabilities
February 15, 2023Rewterz Threat Advisory – Multiple Microsoft Exchange Server Vulnerabilities
February 15, 2023Rewterz Threat Advisory – Multiple Microsoft SQL Vulnerabilities
February 15, 2023Rewterz Threat Advisory – Multiple Microsoft Exchange Server Vulnerabilities
February 15, 2023
Severity
High
Analysis Summary
CVE-2022-37340 CVSS:6.7
Intel QuickAssist Technology (QAT) drivers for Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. By placing a specially-crafted file in the search path, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-36397 CVSS:7.3
Intel QuickAssist Technology (QAT) drivers for Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect default permissions in the software installer. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-37340
- CVE-2022-36397
Affected Vendors
Intel
Affected Products
- Intel QuickAssist Technology for Windows
- Intel QuickAssist Technology for Linux
Remediation
Refer to Intel Security Advisory for patch, upgrade or suggested workaround information.