November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – Multiple Intel AMT and Standard Manageability Vulnerabilities
August 10, 2022Rewterz Threat Advisory – CVE-2022-26074 – Intel Server Platform Services (SPS) Vulnerability
August 10, 2022Rewterz Threat Advisory – Multiple Intel AMT and Standard Manageability Vulnerabilities
August 10, 2022Rewterz Threat Advisory – CVE-2022-26074 – Intel Server Platform Services (SPS) Vulnerability
August 10, 2022
Severity
High
Analysis Summary
CVE-2022-26844 CVSS:6.7
Intel Single Event API (SEAPI) could allow a local authenticated attacker to gain elevated privileges on the system, caused by an insufficiently protected credentials in the installation binaries. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-26374 CVSS:6.7
Intel Single Event API (SEAPI) could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path flaw in the installation binaries. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-26344 CVSS:6.7
Intel Single Event API (SEAPI) could allow a local authenticated attacker to gain elevated privileges on the system, caused by an incorrect default permissions flaw in the installation binaries. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-26844
- CVE-2022-26374
- CVE-2022-26344
Affected Vendors
Intel
Affected Products
Intel Single Event API
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.
INTEL Security Advisory