Intel Patches Critical and High-Severity Vulnerabilities
February 15, 2023
Intel has released patches for multiple critical- and high-severity vulnerabilities across its product portfolio, including CVE-2021-39296 (CVSS score of 10), which impacts the Integrated Baseboard Management Controller (BMC) and OpenBMC firmware of several Intel platforms. This bug could allow an attacker to obtain root access to the BMC, bypassing authentication using crafted IPMI messages. Four other vulnerabilities were addressed in BMC and OpenBMC firmware, including a high-severity out-of-bounds read issue that could lead to denial-of-service (DoS). Intel also released updates to resolve high-severity privilege escalation defects in the BIOS firmware and Trusted Execution Technology (TXT) Secure Initialization (SINIT) Authenticated Code Modules (ACM) of some processors, as well as high- and medium-severity vulnerabilities in Battery Life Diagnostic Tool, oneAPI Toolkits, System Usage Report (SUR), Server Platform Services (SPS) firmware, and Quartus Prime Pro and Standard edition software. Intel recommends that users update to the latest available firmware and software versions as soon as possible.
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.
By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.
Accelerate Security Teams
Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.