漏洞分享 - Intel 產品存在多個漏洞

                                                                                                                                                                        

Intel 產品存在多個漏洞

一、摘要

         Intel 產品發現多個漏洞，遠端攻擊者可利用這些漏洞，於目標系統觸發阻斷服務狀況、權限提升及洩露敏感資料。

二、存在風險

        Intel 產品發現多個漏洞，遠端攻擊者可利用這些漏洞，於目標系統觸發阻斷服務狀況、權限提升及洩露敏感資料，其影響系統或版本如下：

• 受影響之系統：
• Intel Agilex® 7 FPGAs and SoC FPGAs Firmware versions after 21.4
• Intel® Agilex™ 7 FPGA and SoC FPGA product families
• Intel Atom® Processor X Series
• Intel® Atom® Processors C Series
• Intel® BIOS Guard firmware
•  Intel® BIOS PPAM firmware
• Intel® Celeron® Processor Family
• Intel® Core™ Processor N series
• Intel® Core™ Ultra processors
• Intel® Data Center GPU Max Series 1100 and 1550 products
• Intel® Ethernet Controller I225 Manageability firmware before NVM version 1.87
• Intel® Ethernet Adapters before version 29.0.1
• Intel® TDX module software before version TDX_1.5.05.46.698
• Intel® PROSet/Wireless Wi-Fi software before version 23.20
• Intel® Pentium® Gold Processor Family
• Intel® Processor N-series
• Intel® Server D50DNP Family
• Intel® Server M50FCP Family
• Intel® Server Board S2600BP Family
• Intel® Stratix® 10 FPGA and SoC FPGA product families
• Intel® Stratix® 10 FPGAs and SoC FPGAs Firmware versions after 21.2
• Intel® Xeon® W workstation processors
• Intel® Xeon® D Processor
• 4th Generation Intel® Xeon® Scalable processors
• 4th Generation Intel® Xeon® Platinum processors
• 4th Generation Intel® Xeon® Gold Processors
• 4th Generation Intel® Xeon® Silver Processor
• 4th Generation Intel® Xeon® Bronze Processor
• 4th Gen Intel Xeon Scalable Processors with Intel® vRAN
• 5th Generation Intel® Xeon® Scalable processors
• 12th Generation Intel® Core™ Processor Family
• 13th Generation Intel® Core™ Processor Family

三、建議改善措施：

           企業及使用者如有上述漏洞版本應盡速更新。

    情資報告連結：

• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01007.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00756.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00814.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01039.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01041.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01050.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html