Multiple Intel Products Vulnerabilities
May 17, 2024
Severity
High
Analysis Summary
CVE-2023-47165 CVSS:6
Intel Data Center GPU Max Series are vulnerable to a denial of service, caused by an improper conditions check. A local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-21864 CVSS:7.8
Intel Arc & Iris Xe Graphics Software could allow a remote attacker to gain elevated privileges on the system, caused by improper neutralization. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21809 CVSS:6.7
Intel Quartus Prime Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an improper conditions check. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-22476 CVSS:10
Intel Neural Compressor Software could allow a remote attacker to gain elevated privileges on the system, caused by improper input validation. An attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21843 CVSS:6.7
Intel Computing Improvement Program Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-22390 CVSS:4.4
Intel FPGA Firmware is vulnerable to a denial of service, caused by improper input validation in firmware. A local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-21862 CVSS:6.7
Intel Quartus Prime Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21837 CVSS:6.7
Intel Quartus Prime Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21792 CVSS:4.7
Intel Neural Compressor Software could allow a local authenticated attacker to obtain sensitive information, caused by a time-of-check time-of-use race condition. An attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-45320 CVSS:6.7
Intel VTune Profiler Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21841 CVSS:6.7
Intel Distribution for GDB Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-22095 CVSS:7.2
Intel Server Products UEFI Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the PlatformVariableInitDxe driver. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21835 CVSS:6.7
Intel XTU Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by insecure inherited permissions. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-22662 CVSS:5.8
Intel Server Products UEFI Firmware is vulnerable to a denial of service, caused by improper input validation of EpsdSrMgmtConfig. A local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-23980 CVSS:7.5
Intel Server Products UEFI Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper buffer restrictions in the PlatformPfrDxe driver. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-23487 CVSS:7.5
Intel Server Products UEFI Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the UserAuthenticationSmm driver. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-22382 CVSS:7.5
Intel Server Products UEFI Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the PprRequestLog module. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-24981 CVSS:7.5
Intel Server Products UEFI Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the PfrSmiUpdateFw driver. An authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Denial of Service
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2023-47165
- CVE-2024-21864
- CVE-2024-21809
- CVE-2024-22476
- CVE-2024-21843
- CVE-2024-22390
- CVE-2024-21862
- CVE-2024-21837
- CVE-2024-21792
- CVE-2023-45320
- CVE-2024-21841
- CVE-2024-22095
- CVE-2024-21835
- CVE-2023-22662
- CVE-2024-23980
- CVE-2024-23487
- CVE-2024-22382
- CVE-2024-24981
Affected Vendors
- Intel
Affected Products
- Intel Agilex 7 FPGA and SoC FPGA product families
- Intel Stratix 10 FPGA and SoC FPGA product families
- Intel Data Center GPU Max Series 1100
- Intel Data Center GPU Max Series 1550
- Intel Quartus Prime Lite Edition Design Software 23.0
- Intel Neural Compressor Software 2.4.1
- Intel Computing Improvement Program Software 2.4
- Intel VTune Profiler
- Intel Distribution for GDB Software
- Intel Server D50DNP Family
- Intel XTU Software 7.14.0
- Intel Server M50FCP Family
- Intel Server Board S2600BP Family
Remediation
Refer to the Intel Security Advisory for patch, upgrade, or suggested workaround information.