TR-21-0150 (Intel Güvenlik Zafiyeti)

Genel Bilgi

Intel'e ait Intel (R) Graphics Driver, Intel (R) HD Graphics Control Panel ve Intel(R) Server Boards'un bazı versiyonlarında Yetki Yükseltme zafiyeti tespit edilmiştir.

Etki

Mevcut güvenlik açıklıkları nedeniyle kimlik doğrulaması yapan lokal kullanıcıların Yetki Yükseltmesi gerçekleştirmeleri ihtimal dâhilindedir. Güncellemelerle ilgili CVE zafiyet kodları listelenmiştir:

CVE-2020-12385, CVE-2020-0518, CVE-2020-0521, CVE-2020-0544, CVE-2020-12339, CVE-2020-12362, CVE-2020-12366, CVE-2020-12367, CVE-2020-12368, CVE-2020-12369, CVE-2020-12373, CVE-2020-12375, CVE-2020-12377, CVE-2020-12380 ve CVE-2020-12384

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM) kullanıcı ve sistem yöneticilerine ilgili dokümanları gözden geçirmelerini ve gerekli güncellemeleri yapılmasını tavsiye etmektedir.

Kaynaklar

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0518

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0521

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0544

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12339

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12362

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12366

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12367

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12368

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12369

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12373

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12385

2021-02-19