Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple Intel AMT Vulnerabilities
November 11, 2022
Rewterz
Rewterz Threat Advisory – Multiple Intel NUC BIOS and NUC Kit Wireless Adapter Vulnerabilities
November 11, 2022

Rewterz Threat Advisory – Multiple Intel XMM 7560 Modem Software Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-26045 CVSS:3.3
Intel XMM 7560 Modem software could allow a physical authenticated attacker to gain elevated privileges on the system, caused by improper buffer restrictions. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-28611 CVSS:6.8
Intel XMM 7560 Modem software could allow a physical attacker to gain elevated privileges on the system, caused by improper input validation. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-27874 CVSS:6.8
Intel XMM 7560 Modem software could allow a physical attacker to gain elevated privileges on the system, caused by improper authentication. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-26513 CVSS:8
Intel XMM 7560 Modem software could allow a remote attacker to gain elevated privileges on the system, caused by an out-of-bounds write. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-28126 CVSS:6
Intel XMM 7560 Modem software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-26367 CVSS:6
Intel XMM 7560 Modem software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper buffer restrictions. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-26369 CVSS:6.2
Intel XMM 7560 Modem software could allow a remote attacker from within the local network to gain elevated privileges on the system, caused by an out-of-bounds read. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-27639 CVSS:5.4
Intel XMM 7560 Modem software could allow a remote authenticated attacker from within the local network to gain elevated privileges on the system, caused by incomplete cleanup. An attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2022-26079 CVSS:6
Intel XMM 7560 Modem software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper conditions check. An attacker could exploit this vulnerability to gain elevated privileges on the system.

Impact

  • Privilege Escalation

Indicators Of Compromise

CVE

  • CVE-2022-26045
  • CVE-2022-28611
  • CVE-2022-27874
  • CVE-2022-26513
  • CVE-2022-28126
  • CVE-2022-26367
  • CVE-2022-26369
  • CVE-2022-27639
  • CVE-2022-26079

Affected Vendors

Intel

Affected Products

  • Intel XMM 7560 Modem software

Remediation

Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information. 
INTEL Security Advisory