Rewterz

Rewterz Threat Advisory –Multiple Microsoft Security Vulnerabilities

August 11, 2021
Rewterz

Rewterz Threat Advisory –Multiple Mozilla Firefox Security Vulnerabilities

August 11, 2021

Rewterz Threat Advisory –Multiple Intel Ethernet Linux Driver Security Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-0084

Improper input validation in the Intel(R) Ethernet Controllers may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2021-0002

Improper conditions check in some Intel(R) Ethernet Controllers may allow an authenticated user to potentially enable information disclosure or denial of service via local access.

CVE-2021-0003

Improper conditions check in some Intel(R) Ethernet Controllers may allow an authenticated user to potentially enable information disclosure via local access.

Impact

  • Privilege Escalation
  • Information Disclosure
  • Unauthorized Access

Affected Vendors

Intel

Affected Products

  • Intel Ethernet Controllers X722 and 800 series before Linux RMDA driver version 1.3.19
  • Intel Ethernet Controllers 800 series Linux driver before version 1.4.11

Remediation

For the complete list of affected products and mitigation techniques refer to the vendor website at

https://www.intel.com/content/www/us/en/support/products/36773/ethernet-products.html

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.