Potential security vulnerabilities in some Intel® XMM™ 7560 Modem software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities.
CVEID: CVE-2022-26513
Description: Out-of-bounds write in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVSS Base Score: 8.0 High
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
CVEID: CVE-2022-27874
Description: Improper authentication in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 6.8 Medium
CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CVEID: CVE-2022-28611
Description: Improper input validation in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 6.8 Medium
CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CVEID: CVE-2022-26369
Description: Out-of-bounds read in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVSS Base Score: 6.2 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CVEID: CVE-2022-28126
Description: Improper input validation in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2022-26367
Description: Improper buffer restrictions in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CVEID: CVE-2022-26079
Description: Improper conditions check in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2022-27639
Description: Incomplete cleanup in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVSS Base Score: 5.4 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2022-26045
Description: Improper buffer restrictions in some Intel® XMM™ 7560 Modem software before version M2_7560_R_01.2146.00 and M2_7560_V2_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
Intel® XMM™ 7560 Modem M.2 software for Windows or Linux before version M2_7560_R_01.2146.00.
Intel® XMM™ 7560 Modem M.2 software for Windows or Linux before version M2_7560_V2_01.2146.00.
Intel recommends that users of Intel® XMM™ 7560 Modem M.2 software for Windows or Linux update to the latest version provided by the system manufacturer that addresses these issues.
These issues were found internally by Intel employee Bharats Chandra.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.