On a large-scale patch day, Intel provides updates for security vulnerabilities. These can be used to extend rights.
Hardware manufacturer Intel has published several security warnings for the different firmware components of its devices. Probably the most serious of these relate to the bios of the so-called Infrastructure Processing Units (IPU), i.e. CPUs ultimately intended for use in data centers, but not only.
The total of 16 vulnerabilities in this area allow users to extend rights beyond the operating system. There is also the possibility of a denial of service. Most gaps are apparently due to typical memory errors from C and C++, such as buffer overflows or out-of-bounds writes. Also the control flow is not checked correctly. Physical access is required to exploit the vulnerabilities. All CPUs since the sixth generation of the Core family are affected, i.e. Skylake and Broadwell, server variants derived from them and a gap in Intel’s Atom C3000 .
Other vulnerabilities affect the chipset firmware and Intel AMT , although the vulnerabilities in the latter can also be exploited over the network to escalate privileges. However, this is limited to authenticated users. Another vulnerability in AMT allows reading information about the network. Intel points out that there are only updates to the Intel 100 series that were introduced with Skylake.
Intel closes further security gaps with firmware updates in the chipsets for its WLAN-Bluetooth combinations. The most serious vulnerability here allows attackers to escalate rights via the WLAN. So the attackers just have to be nearby. Several other vulnerabilities also allow a denial of service via the WLAN. The gaps in the WLAN firmware affect the 3100, 8000, 9000 series as well as Intel’s Wi-Fi 6 and 6E series (AX2xx) and the Killer WLAN chips.