[German]Intel has released several security updates on July 9, 2019 to fix vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. One of the vulnerabilities is rated as high.
Advertising
I came across a message from the US-CERT via a private Twitter notification, which refers to the security updates for fixing vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool.
An attacker could exploit these vulnerabilities to escalate permissions on a previously infected computer. The Cybersecurity and Infrastructure Security Agency (CISA) recommends that users and administrators review the Intel Security Advisories INTEL-SA-00267 and INTEL-SA-00268and perform the necessary updates.
INTEL-SA-00267
INTEL-SA-00267 describes a possible vulnerability (CVE-2018-18095) in Intel® Solid State Drives (SSD) firmware of the S4500/S4600 data center (DC) series. A vulnerability in the firmware may allow permissions to escalate.
CVSS Base Score: 5.3 Medium, affected products:
Intel® SSD DC S4500 Series firmware before SCV10150
Intel® SSD DC S4600 Series firmware before SCV10150
Updates can be downloaded here
Advertising
INTEL-SA-00268
INTEL-SA-00268 describes a potential vulnerability (CVE-2019-11133) in the Intel® Processor Diagnostic Tool. This can allow an escalation of privileges, denial of service or information disclosure.
CVSS Base Score: 8.2 High, affected products:
Intel® Processor Diagnostic Tool for 32-bit before version 4.1.2.24_32bit
Intel® Processor Diagnostic Tool for 64-bit before version 4.1.2.24_64bit
Updates can be downloaded here
Advertising