- 310/2024
- High
Intel has released security updates to address several vulnerabilities in multiple Intel products.
The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, gain elevated privileges, or obtain sensitive information and gain access to the affected systems.
Sample of the addressed vulnerabilities:
1. Intel® Xeon® Processor with Intel® SGX Privilege Escalation (CVE-2024-23918):
- CVSS: 8.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privileges
2. Intel® PROSet/Wireless Wi-Fi Software and Intel® Wireless Bluetooth® Denial of Service Vulnerability (CVE-2024-24984):
- CVSS: 6.5
- Attack Vector: Adjacent Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Denial of Service
Sample of the affected products:
- Intel® Neural Compressor software.
- Intel® one API Base Toolkit (Base Kit)/ DPC++/C++ Compiler.
- Intel® DSA software.
- Intel® Quartus® Prime Pro Edition software.
- Intel® SDP Tool for Windows software.
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.