Security News > 2020 > November > Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs
A massive Intel security update this month addresses flaws across a myriad of products - most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges.
These critical flaws exist in products related to Wireless Bluetooth - including various Intel Wi-Fi modules and wireless network adapters - as well as in its remote out-of-band management tool, Active Management Technology.
One critical-severity vulnerability exists in Intel AMT and Intel Standard Manageability.
ISM has a similar function as AMT. The flaw which ranks 9.4 out of 10 on the CvSS vulnerability-severity scale, stems from an out-of-bounds write error in IPv6 subsystem for Intel AMT and Intel ISM. If exploited, the flaw could allow an unauthenticated user to gain escalated privileges.
Other high-severity flaws include an improper buffer restriction in Intel Thunderbolt DCH drivers for Windows; an improper access-control hole in Intel's Extreme Tuning Utility and an improper input-validation flaw in the Intel Data Center Manager Console.
News URL
https://threatpost.com/intel-update-critical-privilege-escalation-bugs/161087/