Intel® Security Vulnerabilities

Screen SFT DAB 600/C Authentication Bypass / Erase Account

...

Screen SFT DAB 600/C Authentication Bypass / Reset Board Config

...

Screen SFT DAB 600/C Authentication Bypass / Account Creation

...

Screen SFT DAB 600/C Unauthenticated Information Disclosure (userManager.cgx)

Title: Screen SFT DAB 600/C Unauthenticated Information Disclosure (userManager.cgx) Advisory ID: ZSL-2023-5776 Type: Local/Remote Impact: Spoofing, Exposure of System Information, Exposure of Sensitive Information Risk: (3/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter...

Screen SFT DAB 600/C Authentication Bypass Admin Password Change Exploit

Title: Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit Advisory ID: ZSL-2023-5774 Type: Local/Remote Impact: Privilege Escalation, Security Bypass, DoS Risk: (4/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter is reaching the highest technology level in...

Screen SFT DAB 600/C Authentication Bypass Reset Board Config Exploit

Title: Screen SFT DAB 600/C Authentication Bypass Reset Board Config Exploit Advisory ID: ZSL-2023-5775 Type: Local/Remote Impact: Privilege Escalation, Security Bypass, DoS Risk: (3/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter is reaching the highest technology level...

Screen SFT DAB 600/C Authentication Bypass Password Change Exploit

Title: Screen SFT DAB 600/C Authentication Bypass Password Change Exploit Advisory ID: ZSL-2023-5772 Type: Local/Remote Impact: Privilege Escalation, Security Bypass Risk: (4/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter is reaching the highest technology level in both...

Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit

Title: Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit Advisory ID: ZSL-2023-5773 Type: Local/Remote Impact: Privilege Escalation, Security Bypass, DoS Risk: (4/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter is reaching the highest technology level in...

Screen SFT DAB 600/C Authentication Bypass Account Creation Exploit

Title: Screen SFT DAB 600/C Authentication Bypass Account Creation Exploit Advisory ID: ZSL-2023-5771 Type: Local/Remote Impact: Privilege Escalation, Security Bypass Risk: (4/5) Release Date: 13.05.2023 Summary Screen's new radio DAB Transmitter is reaching the highest technology level in both...

Intel Unite® Client Software May 2023 Security Update

Intel has informed HP of potential security vulnerability in the Intel® Unite® Client software for Windows, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerability. Intel has released updates to mitigate the potential vulnerability......

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-21830, CVE-2023-21843, CVE-2022-21426 Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An unspecified vulnerability in Java SE related...

Intel® Virtual RAID on CPU (VROC) May 2023 Security Update

Intel has informed HP of potential security vulnerabilities in the Intel® Virtual RAID on CPU (VROC) software, which might allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate...

Security Bulletin: Security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (CVE-2022-43930, CVE-2014-3577, CVE-2022-43927, CVE-2022-43929)

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager (SKLM/GKLM). Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - IBM® Java SDK CVE-2023-30441

Summary Websphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section....

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

Summary The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon....

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server traditional and Liberty profile shipped with IBM Business Automation Workflow (CVE-2023-30441)

Summary WebSphere Application Server traditional and WebSphere Application Server Liberty profile are shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional and Liberty profile have been...

Intel® Unite® Plugin SDK Advisory

Summary: A potential security vulnerability in the Intel® Unite® Plugin Software Development Kit (SDK) may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-32576 Description: Uncontrolled search path....

Intel® Unite® Client Software Advisory

Summary: A potential security vulnerability in the Intel® Unite® Client software for Windows may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-33963 Description: Incorrect default permissions in...

Intel® Unite® Android App Advisory

Summary: Potential security vulnerabilities in the Intel® Unite® android application may allow information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25179 Description: Uncontrolled...

Intel® Quartus® Prime Pro Software Advisory

Summary: A potential security vulnerability in the Intel® Quartus® Prime Pro edition software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-41693 Description: Uncontrolled search path in the...

Intel® QAT Advisory

Summary: Potential security vulnerabilities in some Intel® QuickAssist Technology (QAT) drivers for Windows may allow escalation of privilege or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41699...

Intel® DCM Advisory

Summary: Potential security vulnerabilities in the Intel® Data Center Manager (DCM) software may allow escalation of privilege or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-40210 Description:...

Intel® VROC Advisory

Summary: Potential security vulnerabilities in the Intel® Virtual RAID on CPU (VROC) software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-29919 Description: Use after....

Intel® EMA Configuration Tool and Intel® MC Software Advisory

Summary: A potential security vulnerability in Intel® Endpoint Management Assistant (EMA) Configuration Tool and Intel® Manageability Commander (MC) software may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID:...

Intel® EMA Software Advisory

Summary: A potential security vulnerability in the Intel® Endpoint Management Assistant (EMA) software may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-45128 Description: Improper authorization in the.....

Intel® QAT Driver Advisory

Summary: Potential security vulnerabilities in some Intel® QuickAssist Technology (QAT) drivers may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID:...

Intel® SUR Software Advisory

Summary: A potential security vulnerability in the Intel® System Usage Report (SUR) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-40207 Description: Improper access control in the...

Intel® MacCPUID Software Advisory

Summary: A potential security vulnerability in the Intel® MacCPUID software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-27180 Description: Uncontrolled search path in the Intel(R) MacCPUID...

Intel® FPGA Firmware Advisory

Summary: A potential security vulnerability in some Intel® Field Programmable Gate Array (FPGA) products may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-38787 Description: Improper input...

Intel® IPP Cryptography Advisory

Summary: Potential security vulnerabilities in Intel® Integrated Performance Primitives (IPP) Cryptography software may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-37409 Description:...

Intel® SCS Software Advisory

Summary: A potential security vulnerability in the Intel® Setup and Configuration Software (SCS) may allow denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for the Intel® SCS software. Vulnerability Details:.....

Intel® VTuneTM Profiler Advisory

Summary: Potential security vulnerabilities in the Intel® VTune™ Profiler software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41982 Description: Uncontrolled search path element in the...

Intel® OFU Software Advisory

Summary: Potential security vulnerabilities in the Intel® One Boot Flash Update (OFU) software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41784 Description: Improper access control in...

Intel® DCM Software Advisory

Summary: Potential security vulnerabilities in the Intel® Data Center Manager (DCM) software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-44619 Description: Insecure storage of sensitive...

Intel ® NUC BIOS Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® NUC firmware may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-36339 Description:...

Intel® QAT Engine for OpenSSL Advisory

Summary: A potential security vulnerability in the Intel® QuickAssist Technology (QAT) Engine for OpenSSL may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-43507 Description: Improper buffer...

Intel® Smart Campus Android App Advisory

Summary: A potential security vulnerability in the Intel® Smart Campus Android application may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-46645 Description: Uncontrolled resource consumption in the...

Intel® NUC Pro Software Suite Advisory

Summary: Potential security vulnerabilities in the Intel® NUC Pro Software Suite may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-46656 Description: Insecure inherited permissions for the...

Intel® Retail Edge Mobile App Advisory

Summary: Potential security vulnerabilities in the Intel® Retail Edge Mobile application may allow escalation of privilege, denial of service or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41690...

Intel® NUC Laptop Element Software Advisory

Summary: Potential security vulnerabilities in some Intel® NUC Laptop Element software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41687 Description: Insecure inherited permissions in the....

Intel® NUC BIOS Update Software Advisory

Summary: A potential security vulnerability in some Intel® NUC Chaco Canyon BIOS update software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-38101 Description: Uncontrolled search path in...

Intel® Connect M Android App Advisory

Summary: Potential security vulnerabilities in the Intel® Connect M Android application may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-41801 Description: Uncontrolled...

Intel® Server Board BMC Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Server Board Baseboard Management Controller (BMC) firmware may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability...

Intel® Pathfinder for RISC-V Advisory

Summary: A potential security vulnerability in some Intel® Pathfinder for RISC-V software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® Pathfinder for RISC-V. Vulnerability...

Intel® SCS Add-on Software Installer Advisory

Summary: A potential security vulnerability in the Intel® Setup and Configuration Software (SCS) Add-on software installer for Microsoft System Center Configuration Manager (SCCM) may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has...

Security Bulletin: Multiple vulnerabilities in golang affect IBM Db2® REST

Summary IBM Db2® REST is affected by multiple vulnerabilities found in Golang Vulnerability Details CVEID: CVE-2022-41723 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream, a remote attacker could...

Intel® NUC Software Studio Service Installer Advisory

Summary: A potential security vulnerability in the Intel® NUC Software Studio Service installer may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-38103 Description: Insecure inherited permissions.....

Intel® Trace Analyzer and Collector Software Advisory

Summary: Potential security vulnerabilities in some Intel® Trace Analyzer and Collector software may allow escalation of privilege or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-23569 Description:...

Intel® i915 Graphics Drivers for Linux Advisory

Summary: A potential security vulnerability in some Intel® i915 Graphics drivers for linux may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28410 Description: Improper restriction of operations...

Intel® oneAPI Toolkit and Component Software Installers Advisory

Summary: A potential security vulnerability in some Intel® oneAPI Toolkit and component software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-22355 Description: Uncontrolled search....