The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory concerning multiple vulnerabilities detected in Intel products.
These vulnerabilities affect a range of Intel software and hardware, including Intel GPA Software, Intel GPA Framework Software, Intel Server Products UEFI Firmware, and Intel Server Board Onboard Video Driver Software. The advisory warns that the vulnerabilities could be exploited by locally authenticated attackers to gain elevated privileges or initiate a denial of service (DoS) attack.
According to the advisory, the vulnerabilities arise from various technical flaws such as incorrect default permissions, uncontrolled search paths, and improper input validation. The threat classification for these vulnerabilities is significant, with a high potential for local privilege escalation. The vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVEs), which include several entries like CVE-2023-24460, CVE-2024-21788, and CVE-2023-41961, among others.
PTA has recommended several precautionary measures to mitigate the potential risks associated with these vulnerabilities. Among these, it has advised organizations to ensure that users operate with the least privileges required for their job functions to limit damage in case of an account compromise. Comprehensive monitoring systems should be implemented to detect unusual activities that could signal the exploitation of these vulnerabilities. Additionally, the advisory emphasizes limiting both physical and network access to affected Intel products to trusted personnel, while recommending the use of multi-factor authentication (MFA).
Further recommendations from the advisory include conducting regular security audits and vulnerability assessments to identify weaknesses that could be exploited. PTA also stressed the importance of user education, particularly in relation to the dangers of privilege escalation attacks. Users are urged to avoid reusing passwords and to be vigilant against phishing attempts, which can be a vector for such attacks.
In response to the vulnerabilities, PTA has advised the deployment of Host Intrusion Detection Systems (HIDS) to monitor critical files and directories for unauthorized changes. This would provide early warnings in case of an exploitation attempt. Any incidents or suspicious activities should be reported to PTA via its CERT Portal and email, enabling the authority to take further action.
Reference Link:- https://propakistani.pk/2024/09/25/pta-issues-cyber-alert-against-intel-products/