Rewterz Threat Advisory – Multiple Intel processors Vulnerabilities
February 15, 2023Rewterz Threat Alert – Amadey Botnet – Active IOCs
February 15, 2023Rewterz Threat Advisory – Multiple Intel processors Vulnerabilities
February 15, 2023Rewterz Threat Alert – Amadey Botnet – Active IOCs
February 15, 2023Severity
High
Analysis Summary
CVE-2022-36348 CVSS:8.8
Intel Server Platform Services (SPS) could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the active debug code. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-36794 CVSS:6
Intel Server Platform Services (SPS) is vulnerable to a denial of service, caused by improper condition check. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Privilege Escalation
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-36348
- CVE-2022-36794
Affected Vendors
Intel
Affected Products
- Intel Server Platform Services SPS_E5_04
- Intel Server Platform Services SPS_E3_06
Remediation
Refer to Intel Security Advisory for patch, upgrade or suggested workaround information.