Intel released new security updates with the fixes of two vulnerabilities that affected Intel Processor Diagnostic Tool and Solid State Drives (SSD) for Data Centers (DC) S4500/S4600 Series.
Vulnerability in Processor Diagnostic Tool categorized as “High” Severity and the other vulnerability that affected Solid State Drives (SSD) S4500/S4600 Series marked as “Medium” Severity.
Intel Processor Diagnostic Tool
A software-based privilege escalation vulnerability (CVE-2019-11133) that resides in the Processor Diagnostic Tool before version 220.127.116.11 lets the attacker perform a denial of service attack and steal the sensitive information due to Improper access control.
Jesse Michael from Eclypsium initially discovered this vulnerability reported Intel under responsible disclosed policy.
Intel® Processor Diagnostic Tool for 32-bit before version 18.104.22.168_32bit.
Intel® Processor Diagnostic Tool for 64-bit before version 22.214.171.124_64bit.
Intel recommends that users of Intel Processor Diagnostic Tool update to version 126.96.36.199 or later. Download Here.
Intel Solid State Drives (SSD)
Another security vulnerability ( CVE-2018-18095) that affected Intel Solid State Drives (SSD) S4500/S4600 Series firmware that used for Data Centers (DC) let unprivileged user escalate the privilege via physical access.
Intel® SSD DC S4500 Series firmware before SCV10150.
Intel® SSD DC S4600 Series firmware before SCV10150.
Intel releasing firmware updates to mitigate this vulnerability and recommends updating Intel® SSD DC S4500 Series and Intel® SSD DC S4600 Series firmware to SCV10150 or later.
This vulnerability was found internally by Intel updates are available for download Here