Rewterz Threat Advisory – Multiple Intel Unison Vulnerabilities
November 16, 2023
Severity
Low
Analysis Summary
CVE-2023-25756 CVSS: 4.6
Multiple Intel Processors could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the BIOS firmware. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-22329 CVSS: 2.6
Multiple Intel Processors are vulnerable to a denial of service, caused by improper input validation in the BIOS firmware. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Privilege Escalation
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-25756
- CVE-2023-22329
Affected Vendors
Intel
Affected Products
- Intel 8th Generation Intel Core Processors
- Intel 11th Generation Core Processor Family
- Intel 9th Generation Intel Core Processor Family
- Intel 10th Generation Intel Core Processor Family
- Intel 12th Gen Intel Core processor
- Intel 13th Generation Intel Core Processor Family
Remediation
Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.