InfoSecBulletin Cybersecurity for mankind
Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company has fixed most of the vulnerabilities with patches and provided some mitigations for others.
The most significant flaw is CVE-2024-22476. It is rated as ‘critical’ and has a severity score of 10. This flaw has been found in Neural Compressor, an AI product that optimizes models to make them smaller and faster for deep learning applications on CPUs or GPUs.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
Intel says this critical vulnerability could allow an unauthenticated attacker to “enable escalation of privilege via remote access”.
Serious flaws were discovered in various server products’ UEFI firmware, including Arc & Iris Xe Graphics, PROSet/Wireless, Power Gadget, Trust Domain Extensions, Secure Device Manager, Dynamic Tuning Technology, Thunderbolt, Graphics Performance Analyzers, BIOS Guard, Platform Properties Assessment Module, and Ethernet Controller I225 Manageability products. These flaws can allow privilege escalation, DoS attacks, or information disclosure.
Medium-severity vulnerabilities in various products have been fixed. These products include Data Streaming Accelerator, Analytics Accelerator, Processor Diagnostic Tool, Graphics Performance Analyzers, Extreme Tuning Utility, Computing Improvement Program, Ethernet Controller Administrative Tools, Quartus Prime, Processor Identification Utility, Programmable Gate Array, Core Ultra processor, and Advisor.
Medium-severity issues have been found in various Intel products such as Inspector, Distribution for GDB, Data Center GPU Max Series, Performance Counter Monitor, VTune Profiler, Chipset Device Software, Driver & Support Assistant, and others.
Many of these flaws can be used to gain more privileges or carry out DoS attacks or information disclosure.
