October 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple SolarWinds Access Rights Manager Zero-Day Vulnerabilities
May 22, 2024
Remcos RAT – Active IOCs
May 22, 2024
Multiple SolarWinds Access Rights Manager Zero-Day Vulnerabilities
May 22, 2024
Remcos RAT – Active IOCs
May 22, 2024
Severity
Medium
Analysis Summary
CVE-2023-47169 CVSS:3.3
Intel Media SDK is vulnerable to a denial of service, caused by improper buffer restrictions. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-47282 CVSS:3.9
Intel Media SDK and oneVPL software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-45221 CVSS:4.8
Intel Media SDK could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper buffer restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-22656 CVSS:3.9
Intel Media SDK and oneVPL software could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds read. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-48368 CVSS:5.9
Intel Media SDK is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-37410 CVSS:7
Intel Thunderbolt driver software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-27504 CVSS:7.2
Intel BIOS Guard and PPAM Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper conditions check. By sending a specially crafted, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-28383 CVSS:6.1
Intel BIOS Guard and PPAM Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper conditions check. By sending a specially crafted, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-28402 CVSS:7.2
Intel BIOS Guard and PPAM Firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By sending a specially crafted, an attacker could exploit this vulnerability to escalate privileges.
Impact
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2023-47169
- CVE-2023-47282
- CVE-2023-45221
- CVE-2023-22656
- CVE-2023-48368
- CVE-2022-37410
- CVE-2023-27504
- CVE-2023-28383
- CVE-2023-28402
Affected Vendors
Intel
Affected Products
- Intel Media SDK
- Intel oneVPL software
- Intel Thunderbolt driver software
- Intel BIOS Guard and PPAM Firmware
Remediation
Refer to Intel Security Advisory for patch, upgrade or suggested workaround information.