Intel releases patches for code execution vulnerabilities

by chebbi abir

Intel released a slew of patches last week, fixing a range of vulnerabilities that could allow attackers to execute their own code on affected devices.

The chip maker released several security advisories to address the risks. One group of patched vulnerabilities affects its Converged Security and Management Engine (CSME), Server Platform Services, Trusted Execution Engine and Active Management Technology (AMT).

These are technologies that run at a very low level in the hardware stack, often underneath anti-malware software that might otherwise pick up suspicious activity. The bugs allow users to potentially escalate privileges, disclose information or cause a denial of service, Intel said.

There are 12 vulnerabilities in this group, including five marked with high severity.

Of these, only CVE-2018-12187 can be exploited remotely over a network. This is a high-severity denial of service bug relying on insufficient input validation in Intel’s Active Management Technology.

Two of the other high-severity bugs rely on local access, which is tied to read/write/execute capabilities. In practice, this means that the attacker has to be logged into the machine, or that the user must be persuaded to interact with a malicious file.

These bugs are CVE-2018-12190, which lets an attacker potentially execute arbitrary code via insufficient input validation in CSME, and CVE-2018-12200, which could allow privilege escalation via insufficient access control in the Intel Capability Licensing Service.

The other two high-severity bugs require physical access to the device. CVE-2018-12208 could allow an unauthenticated user to potentially execute arbitrary code via CSME, while CVE-2018-12185 carries a similar danger, via AMT.

You can read more about the meanings of the attack vectors used in CVE vulnerability listings.

Another set of patches addressed vulnerabilities in Intel’s Windows 10 graphics drivers, which could lead to a range of outcomes, including denial of service, information extraction, and execution problems such as out-of-bounds memory reads and integer overflows. Several allow code execution on affected machines.

This group of patches addressed 19 security flaws, two of which were marked as high severity. The most severe security bugs stem from memory corruption and insufficient input validation in Intel’s kernel mode driver. Each of them potentially enables a privileged user to execute arbitrary code.

One flaw was particularly interesting: CVE-2018-12223 enables an unprivileged user to escape from a virtual machine guest to the host machine via local access. This was marked with medium severity.

Intel recommends that users of Intel Graphics Driver for Windows update to versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063), 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 or later.
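As an added example (not from Intel or the original article), the Python sketch below checks reported graphics driver versions against the fixed builds listed above. It assumes the fourth version field is a build number that only increases within a branch; the host names and sample versions are constructed.

```python
# Added example: fixed builds are copied from the version list in the article.
# Assumption: within a branch, the 4th field is a build number that only grows.
FIXED_BUILDS = {
    ("10", "18"): (5057, 5059),  # 15.36 and 15.33 share the 10.18 prefix
    ("20", "19"): (5063,),       # 15.40
    ("21", "20"): (5064,),       # 15.45
    ("24", "20"): (6373,),       # listed by the article as 24.20.100.6373
}


def classify(version):
    """Return patched, needs-update, ambiguous, unknown-branch or unparsed."""
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return "unparsed"
    builds = FIXED_BUILDS.get((parts[0], parts[1]))
    if builds is None:
        # A branch the article does not list: leave it for manual review.
        return "unknown-branch"
    build = int(parts[3])
    if build >= max(builds):
        return "patched"
    if build < min(builds):
        return "needs-update"
    # 10.18 only: the build sits between the two fixed builds, so the
    # answer depends on whether the driver is from the 15.33 or 15.36 line.
    return "ambiguous"


def audit(inventory):
    """Map each host that is not confirmed patched to its status."""
    findings = {}
    for host, version in inventory.items():
        status = classify(version)
        if status != "patched":
            findings[host] = status
    return findings


# Constructed sample inventory (host name -> reported driver version).
SAMPLE_INVENTORY = {
    "ws-001": "10.18.14.4000",
    "ws-002": "10.18.14.5058",
    "ws-003": "20.19.15.5063",
    "ws-004": "24.20.100.6373",
    "ws-005": "25.20.100.6444",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(host, status)
```

Hosts reported as ambiguous or unknown-branch need a manual check against the vendor's driver listing rather than an automatic pass.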

Other advisories issued by Intel last week covered security flaws in its firmware, including the high-severity flaw CVE-2018-12204, which allows for arbitrary code execution in its Platform Sample/Silicon Reference firmware for Intel Server Board, Intel Server System and Intel Compute Module via local access.

Lenovo issued updates to implement many of these Intel fixes in its own products two days after Intel released its own patches.

To read the original article:

https://nakedsecurity.sophos.com/2019/03/18/intel-patches-a-gaggle-of-flaws-allowing-for-code-execution/
