Intel Patches Critical and High-Severity Vulnerabilities

February 15, 2023

Intel has released patches for multiple critical- and high-severity vulnerabilities across its product portfolio, including CVE-2021-39296 (CVSS score of 10), which impacts the Integrated Baseboard Management Controller (BMC) and OpenBMC firmware of several Intel platforms. This bug could allow an attacker to obtain root access to the BMC, bypassing authentication using crafted IPMI messages. Four other vulnerabilities were addressed in BMC and OpenBMC firmware, including a high-severity out-of-bounds read issue that could lead to denial-of-service (DoS). Intel also released updates to resolve high-severity privilege escalation defects in the BIOS firmware and Trusted Execution Technology (TXT) Secure Initialization (SINIT) Authenticated Code Modules (ACM) of some processors, as well as high- and medium-severity vulnerabilities in Battery Life Diagnostic Tool, oneAPI Toolkits, System Usage Report (SUR), Server Platform Services (SPS) firmware, and Quartus Prime Pro and Standard edition software. Intel recommends that users update to the latest available firmware and software versions as soon as possible.

Latest News

• Arris Routers Vulnerable to Remote Code Execution
• Fortinet Releases Security Updates for FortiNAC and FortiWeb
• SolarWinds Patches High-Severity Vulnerabilities
• ProxyShellMiner Exploits Microsoft Exchange Vulnerabilities
• CISA Adds Four Security Vulnerabilities to Known Exploited List