Rewterz Threat Advisory – CVE-2022-41103 – Microsoft Word Vulnerability

November 10, 2022

Rewterz Threat Advisory – Intel Quartus Prime Pro and Intel Quartus Prime Standard Vulnerabilities

November 11, 2022

Rewterz Threat Advisory – Multiple Intel Products Vulnerabilities

November 11, 2022

Severity

Medium

Analysis Summary

CVE-2022-26047 CVSS:4.3
Intel devices are vulnerable to a denial of service, caused by improper input validation. A remote attacker within the local network could exploit this vulnerability to cause a denial of service.

CVE-2022-26086 CVSS:6.7
Intel PresentMon could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path element. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-30297 CVSS:3.8
Intel Endpoint Management Assistant could allow a local authenticated attacker to gain elevated privileges on the system, caused by cross-site scripting. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-33973 CVSS:3.3
Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

CVE-2022-36367 CVSS:4.4
Intel Support Android application could allow a local authenticated attacker to obtain sensitive information, caused by incorrect default permissions. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

CVE-2022-30691 CVSS:5.9
Intel Support Android application is vulnerable to a denial of service, caused by uncontrolled resource consumption. A local authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-26341 CVSS:8.2
Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficiently protected credentials. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-26028 CVSS:6.7
Intel VTune Profiler software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-21198 CVSS:7.9
Intel processors could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time-of-check time-of-use race condition in the BIOS firmware. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2021-33064 CVSS:6.7
Intel System Studio could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path in the software installer. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2021-26251 CVSS:5.3
Intel Distribution of OpenVINO Toolkit is vulnerable to a denial of service, caused by improper input validation. A remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-30548 CVSS:6.7
Intel Glorp could allow a local authenticated attacker to gain elevated privileges on the system, caused by an uncontrolled search path element. An attacker could exploit this vulnerability to gain elevated privileges.

CVE-2022-27499 CVSS:2.5
Intel SGX SDK could allow a local authenticated attacker to obtain sensitive information, caused by the premature release of resource during expected lifetime. An attacker could exploit this vulnerability to obtain sensitive information.

CVE-2022-26006 CVSS:8.2
Intel could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation in the BIOS firmware. An attacker could exploit this vulnerability to gain elevated privileges on the system.

Impact

Denial of Service
Privilege Escalation
Information Disclosure

Indicators Of Compromise

CVE

CVE-2022-26047
CVE-2022-26086
CVE-2022-30297
CVE-2022-33973
CVE-2022-36367
CVE-2022-30691
CVE-2022-26341
CVE-2022-26028
CVE-2022-21198
CVE-2021-33064
CVE-2021-26251
CVE-2022-30548
CVE-2022-27499
CVE-2022-26006

Affected Vendors

Intel

Affected Products

Intel PresentMon 1.6.9
Intel PresentMon 1.7.0
Intel Endpoint Management Assistant 1.7.8
Intel Endpoint Management Assistant 1.7.9
Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 22.2149.0.0
Intel WLAN Authentication and Privacy Infrastructure Security software for Windows 10/11 22.2150.0.0
Intel Support Android application 21.7.39
Intel Support Android application 22.02.27
Intel Active Management Technology 16.0.4.0
Intel Endpoint Management Assistant 1.7.0
Intel Manageability Commander 2.3.1
Intel VTune Profiler 2022
Intel VTune Profiler 2022.1
Intel 10th Generation Intel Core Processor Family
Intel 12th Gen Intel Core processor
Intel Xeon E processor family
Intel System Studio
Intel Distribution of OpenVINO Toolkit 2021.4.0
Intel Distribution of OpenVINO Toolkit 2021.4.1
Intel Glorp 1.0.0
Intel Xeon E Processor

Remediation

Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.
CVE-2022-26047
CVE-2022-26086
CVE-2022-30297
CVE-2022-33973
CVE-2022-36367
CVE-2022-30691
CVE-2022-26341
CVE-2022-26028
CVE-2022-21198
CVE-2021-33064
CVE-2021-26251
CVE-2022-30548
CVE-2022-27499
CVE-2022-26006

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-24813 – Apache Tomcat Vulnerability

Siemens SINAMICS S200 Bootloader Vulnerability Allows Attackers to Compromise the Device

Mirai Botnet aka Katana – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us