Intel issued two security updates for software and hardware products to patch vulnerabilities that may allow escalation of privilege and information disclosure.

The software security flaw impacts Intel Easy Streaming Wizard before version 2.1.0731, a wizard tool designed to help Twitch and YouTube streamers set up the Open Broadcaster Software (OBS) streaming software more easily using a step-by-step method.

No user interaction required

The vulnerability tracked as CVE-2019-11166 and reported by Karthikeyan Selvaraj comes with a medium severity score of 5.7, and it could be used by an authenticated attacker to escalate their privileges on the system via a local attack.

According to Intel's advisory, the flaw is caused by improper file permissions in the installer for Intel Easy Streaming Wizard, and attackers require high local privileges to run what is considered a high-complexity attack.

Even though this decreases the risk of such attacks being successfully carried out, skilled attackers may still be able to exploit the flaw, especially given that doing so doesn't require user interaction.

Intel recommends that users update Intel Easy Streaming Wizard to 2.1.0731 or later using the Windows 10 update packages available from Intel's support website.

Server-grade processor vulnerability

Intel also fixed a hardware security flaw present in all Intel Xeon E5, E7 and SP families since 2012 that come with support for Data Direct I/O (DDIO) and Remote Direct Memory Access (RDMA).

The vulnerability, tracked as CVE-2019-11184 and rated as low severity with a score of just 2.6, is caused by a race condition that potentially allows authenticated attackers to enable partial information disclosure via adjacent access.

"Partial information potentially disclosed through exploitation of this vulnerability could be utilized to enhance unrelated attack methods," says Intel's advisory.

Intel advises users to follow a series of best practices to mitigate published exploits:

• Where DDIO & RDMA are enabled, limit direct access from untrusted networks
• The use of software modules resistant to timing attacks, using constant-time style code
• Security Best Practices For Side Channel Resistance
• Guidelines For Mitigating Timing Side Channels Against Cryptographic Implementations
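
As an illustration of the "constant-time style code" item above, the following C example is added here and is not taken from Intel's guidance or the researchers' paper. It contrasts a secret-indexed table lookup with a form whose memory accesses do not depend on the secret, plus a comparison routine without an early exit; the table contents and function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed 16-byte table standing in for any secret-indexed lookup. */
static const uint8_t TABLE[16] = {
    0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
    0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
};

/* Leaky form: the address read depends on the secret. With real tables
 * that span several cache lines, the line touched becomes observable. */
uint8_t lookup_leaky(uint8_t secret_idx) {
    return TABLE[secret_idx & 0x0f];
}

/* Branch-free mask: 0xFF when a == b, 0x00 otherwise. */
static uint8_t ct_eq_mask(uint8_t a, uint8_t b) {
    uint32_t x = (uint32_t)(a ^ b);   /* 0 only when equal */
    x = (x | (0u - x)) >> 31;         /* 1 when different, 0 when equal */
    return (uint8_t)(x - 1u);
}

/* Constant-time form: every entry is read on every call and the wanted
 * one is selected with a mask, so the access pattern is secret-independent. */
uint8_t lookup_ct(uint8_t secret_idx) {
    uint8_t out = 0;
    for (uint8_t i = 0; i < 16; i++)
        out |= TABLE[i] & ct_eq_mask(i, secret_idx & 0x0f);
    return out;
}

/* Constant-time equality for MACs or tokens: no early exit on the first
 * mismatch. Returns 1 when the buffers match, 0 otherwise. */
int ct_memeq(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    return ct_eq_mask(diff, 0) & 1;
}

int main(void) {
    /* Compilers can reintroduce branches; inspect the generated assembly. */
    printf("leaky=%02x ct=%02x\n", lookup_leaky(5), lookup_ct(5));
    return 0;
}
```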

Network-based CPU side-channel attack

This security flaw was dubbed NetCAT (Network Cache ATtack) by researchers from VU Amsterdam who discovered it and published a whitepaper titled "NetCAT, Practical Cache Attacks from the Network" on September 10, describing how it could be exploited by mounting a side-channel attack over the network to sniff sensitive details.

The researchers also published a video demonstration of the attack showing how keystrokes from an SSH session can be leaked remotely.

"In scenarios where a malicious actor has a direct network connection to the target system, NetCAT may enable a Prime+Probe style exploit that targets processors supporting Intel Data-Direct I/O Technology (Intel DDIO) and Remote Direct Memory Access (RDMA) to disclose system information," says Intel.
