2022年11月8日(現地時間)、Intelから複数のセキュリティアドバイザリが公開されました。影響を受ける製品やバージョンについての詳細は、Intelのアドバイザリを参照いただき、影響範囲の確認と対策をご検討ください。
INTEL-SA-00558: Intel System Studio Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00558.html
Intel System Studioに権限昇格の脆弱性
INTEL-SA-00610: 2022.3 IPU - Intel Chipset Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html
Intel Converged Security and Manageability Engine(CSME)、Intel Active Management Technology(AMT)、Intel Server Platform Services(SPS)の一部のChipset Firmwareに権限昇格およびサービス運用妨害(DoS)の脆弱性
INTEL-SA-00642: Intel Distribution of OpenVINO Toolkit Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00642.html
Intel Distribution of OpenVINO Toolkitにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00659: Intel Quartus Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html
Intel Quartus Prime ProおよびStandard editionに権限昇格および情報漏えいの脆弱性
INTEL-SA-00673: Intel Glorp Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00673.html
Intel Glorp softwareに権限昇格の脆弱性
INTEL-SA-00676: Intel VTune Profiler Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00676.html
Intel VTune Profilerに権限昇格の脆弱性
INTEL-SA-00680: Intel AMT SDK, Intel EMA and Intel MC Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00680.html
Intel Active Management Technology(AMT)SDK、Intel Endpoint Management Assistant(EMA)、Intel Manageability Commander(MC)に権限昇格の脆弱性
INTEL-SA-00683: Intel XMM 7560 Modem Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00683.html
一部のIntel XMM 7560 Modem softwareに権限昇格などの脆弱性
INTEL-SA-00687: Intel PROSet/Wireless WiFi Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00687.html
一部のIntel PROSet/Wireless WiFi softwareにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00688: 2022.3 IPU – BIOS Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html
一部のIntel ProcessorのBIOS firmwareに権限昇格の脆弱性
INTEL-SA-00689: Intel NUC HDMI Firmware Update Tool Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00689.html
NUC7i3DN、NUC7i5DN、NUC7i7DN向けのIntel NUC HDMI Firmware Update Toolに権限昇格の脆弱性
INTEL-SA-00691: Intel SGX SDK Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00691.html
Intel Software Guard Extensions(SGX)Software Development Kit(SDK)に情報漏えいの脆弱性
INTEL-SA-00695: Hyperscan Library Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html
Hyperscan libraryに権限昇格の脆弱性
INTEL-SA-00699: Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi and Killer WiFi Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00699.html
一部のIntel PROSet/Wireless WiFi、Intel vPro CSME WiFi、Killer WiFiにサービス運用妨害(DoS)の脆弱性
INTEL-SA-00708: Intel Server Boards and Server Systems Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00708.html
一部のIntel Server Boards、Intel Server Systemsに権限昇格および情報漏えいの脆弱性
INTEL-SA-00710: Intel SDP Tool Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00710.html
Intel Server Debug and Provisioning(SDP)Toolに情報漏えいの脆弱性
INTEL-SA-00711: PresentMon Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html
PresentMonに権限昇格の脆弱性
INTEL-SA-00713: Intel DCM Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00713.html
Intel Data Center Manager(DCM)に権限昇格の脆弱性
INTEL-SA-00715: Intel Advanced Link Analyzer Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00715.html
Intel Advanced Link Analyzer Pro editionおよびStandard editionに権限昇格の脆弱性
INTEL-SA-00716: Intel EMA Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00716.html
Intel Endpoint Management Assistant(EMA)に権限昇格の脆弱性
INTEL-SA-00720: Intel WAPI Security Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00720.html
Windows10、Windows11向けIntel WLAN Authentication and Privacy Infrastructure(WAPI) Securityに情報漏えいの脆弱性
INTEL-SA-00740: Intel Support Android App Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html
Intel Support Android applicationに権限昇格および情報漏えいの脆弱性
INTEL-SA-00747: Intel NUC Kit Wireless Adapter Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00747.html
Intel NUC Kit Wireless Adapter driver installerに権限昇格の脆弱性
INTEL-SA-00752: Intel NUC Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00752.html
一部のIntel NUC BIOS firmwareに権限昇格およびサービス運用妨害(DoS)の脆弱性
Intel Corporation
Intel Product Security Center Advisories
https://www.intel.com/content/www/us/en/security-center/default.html
CyberNewsFlashは、注意喚起とは異なり、発行時点では注意喚起の基準に満たない脆弱性の情報やセキュリティアップデート予告なども含まれます。今回の件を含め、提供いただける情報がありましたら、JPCERT/CCまでご連絡ください。
一般社団法人JPCERTコーディネーションセンター(JPCERT/CC)
早期警戒グループ
Email:ew-info@jpcert.or.jp