Many vulnerabilities were found in Intel products, causing cyber alerts. A cyber security advisory has been released by the Pakistan Telecommunication Authority (PTA) concerning the matter.
Including the Intel Server Products UEFI Firmware, Intel GPA Software, Intel GPA Framework Software, and Intel Server Board Onboard Video Driver Software, a variety of Intel devices and software are affected by these vulnerabilities. The users were alerted by the advisory to the possibility that locally authenticated attackers may use the vulnerabilities to launch a denial of service (DoS) attack or obtain elevated privileges.
The advisory claims that a number of technical issues, including faulty input validation, uncontrolled search paths, and erroneous default permissions, are the root cause of the vulnerabilities.
These vulnerabilities have a high risk of local privilege escalation and a substantial threat classification. Common vulnerabilities and exposures, or CVEs, have been attributed to the vulnerabilities; some of the entries include CVE-2023-24460, CVE-2024-21788, and CVE-2023-41961, among others.
To reduce the possible risks associated with these vulnerabilities, PTA has put forward a number of preventative steps. Among these, it has recommended to enterprises that, in order to minimize harm in the event of an account compromise, users operate with the minimum privileges necessary for their job functions.
It is recommended that comprehensive monitoring systems be put in place to identify any anomalous activity that would indicate the exploitation of these vulnerabilities. Multi-factor authentication (MFA) and stresses restricting physical and network access to affected Intel equipment to trusted workers are also advised to use by the advisor.
To find the vulnerabilities that could be taken advantage of, cyber alerts also advise repeatedly performing vulnerability assessments and security audits in Intel products. In addition, PTA highlighted the value of education for users, especially considering the risks associated with privilege escalation attacks.
Users are advised not to reuse passwords and to watch out for phishing efforts since they may serve as a conduit for these kinds of assaults.
PTA has recommended the installation of host intrusion detection systems (HIDS) to guard against unauthorized changes to important files and folders in response to the vulnerabilities. This would give early alerts in the event that someone tried to take advantage of you. Any events or suspicious actions should be reported to PTA via its CERT Portal and email, enabling the authority to take further action.
