[German]Intel published security advisories on January 14, 2020 on various vulnerabilities in its products. These security advisories refer to fixes or workarounds for vulnerabilities identified in Intel products.
Advertising
Blog reader Ismail has additionally informed me by mail about these security warnings, which are available on this Intel page.
- Intel® DAAL Advisory: INTEL-SA-00332, A potential vulnerability in Intel® Data Analytics Acceleration Library (DAAL) could allow information disclosure. Intel is releasing software updates to address this potential vulnerability.
- Intel® VTune™ Amplifier for Windows* Advisory: INTEL-SA-00325, A potential vulnerability in Intel® VTune™ amplifier for Windows* may allow an escalation of privilege. Intel is releasing software updates to address this potential vulnerability. CVE-2019-14613 describes that improper access control in the driver for Intel(R) VTune(TM) Amplifier for Windows* prior to update 8 may allow an authenticated user to enable escalation of privilege via local access.
- Intel® Processor Graphics Advisory: INTEL-SA-00314, A potential vulnerability in Intel® Processor Graphics may allow information disclosure. Intel will release software updates to address this potential vulnerability.
- Intel® RWC 3 for Windows* Advisory: INTEL-SA-00308: A potential security vulnerability in Intel® RAID Web Console (RWC) 3 for Windows* may allow permissions to be escalated. Intel is releasing software updates to address this potential vulnerability. CVE-2019-14601: Incorrect permissions in the Intel(R) RWC 3 for Windows installer prior to version 7.010.009.000 could allow an authenticated user to potentially enable permission escalation via local access.
- Intel® Chipset Device Software Advisory: INTEL-SA-00306, a potential security vulnerability in the Intel® Chipset Device Software INF Utility may allow the disclosure of information. Intel is releasing software updates to address this potential vulnerability.
- Intel® SNMP Subagent Stand-Alone Advisory for Windows*: INTEL-SA-00300, a potential vulnerability in the Intel® SNMP Subagent Stand-Alone for Windows* can allow permissions to escalate. Intel is not releasing updates to address this potential vulnerability and has issued a product announcement for Intel® SNMP Subagent Stand-Alone for Windows*.
More details can be found in the linked individual articles. Bleeping Computer has published something here, and there is also this blog post from Intel.
