TTCSIRT-233.101019: TT-CSIRT ADVISORY – INTEL SECURITY UPDATES
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. TTCSIRT encourages users and administrators to review the following advisories from Intel and apply the necessary remediation actions:
- CVE-2019-14569 – Potential security vulnerabilities in system firmware for Intel® NUC may allow escalation of privilege, denial of service and/or information disclosure.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00296.html - CVE-2019-11167 – A potential security vulnerability in Intel® Smart Connect Technology for Intel® NUC may allow escalation of privilege.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00286.html - CVE-2019-11120 – A potential security vulnerability in Intel Active System Console for Intel® Server Boards and Systems may allow an escalation of privilege.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00261.html