Intel patch release fixes over 100 issues including multiple high and critical flaws
Take action: If you are using Intel products, software and management tools review the advisory in detail and plan for patching of the systems. There are 10 serious issues that can become exploited items in the next months.
Intel has released 31 security advisories that detail about 105 security issues. A notable vulnerability patched recently is a CPU defect named Reptar, tracked as CVE-2023-23583 (CVSS3 score 8.8). This defect presents a risk in virtualized environments where an attacker with access to one virtual machine could cause the host and other virtual machines to fail, with the potential for data exposure or increased system privileges.
Furthermore, Intel disclosed a severe vulnerability in its Data Center Manager (DCM) software, tracked as CVE-2023-31273 (CVSS3 score 10) could permit a hacker without authentication to gain elevated privileges through the network.
Alongside Reptar, Intel has highlighted nine other high-severity issues across various products, including oneAPI, Server Board and Server System BIOS firmware, QuickAssist Technology (QAT), NUC software, One Boot Flash Update (OFU) software, Connectivity Performance Suite software, In-Band Manageability software, and Unison software.
Intel's other advisories provide information on vulnerabilities of medium and low severity, completing the list of security concerns addressed in this update cycle.
|ColdFusion Vulnerability Actively Attacked|
|Ivanti reports another critical vulnerability in Endpoint Manager …|
|JumpCloud Security Incident - company Resets customer's API …|
|Critical Splunk Enterprise Vulnerability reported, PoC already available|
|Critical AMI Baseboard management vulnerabilities can brick servers|