Julien Lenoir

**Name of the Vulnerable Software and Affected Versions** Intel(R) PROSet/Wireless WiFi versions (affected versions not specified) Intel vPro(R) CSME WiFi versions (affected versions not specified) Killer(TM) WiFi versions (affected versions not specified) **Description** The issue is related to improper input validation in some Intel WiFi products, which may allow an unauthenticated user to potentially enable denial of service via local access. This could be exploited by a remote attacker to cause a denial of service. **Recommendations** For Intel(R) PROSet/Wireless WiFi, consider disabling the vulnerable input validation function until a patch is available. For Intel vPro(R) CSME WiFi, restrict access to the WiFi module to minimize the risk of exploitation. For Killer(TM) WiFi, avoid using the product until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) PROSet/Wireless WiFi software versions prior to 22.140 **Description** The issue is related to an out-of-bounds write in the Intel(R) PROSet/Wireless WiFi software, which may allow an unauthenticated user to potentially enable denial of service via adjacent access. This can be exploited to cause a denial of service. **Recommendations** For versions prior to 22.140, update to version 22.140 or later to resolve the issue. As a temporary workaround, consider restricting access to adjacent networks to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Intel(R) RealSense(TM) ID Solution F450 versions prior to 2.6.0.74 **Description** The issue is related to insecure default variable initialization, which may allow an unauthenticated user to enable information disclosure via physical access. This is due to errors in initialization. Exploitation of the issue may allow an attacker to disclose protected information. **Recommendations** For versions prior to 2.6.0.74, update to version 2.6.0.74 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2021.04-rc2 Description: The boot loader in Das U-Boot mishandles use of unit addresses in a FIT. Recommendations: For versions prior to 2021.04-rc2, update to version 2021.04-rc2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2021.04-rc2 Description: The issue concerns the boot loader in Das U-Boot, which mishandles a modified FIT. Recommendations: For versions prior to 2021.04-rc2, update to version 2021.04-rc2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Belden Hirschmann Tofino Xenon Security Appliance versions prior to 03.2.00 **Description** An issue has been discovered that allows an attacker to bypass function code filtering by sending malformed or crafted ModBus packets to a protected asset. This is due to improper handling of the `mbap.length` field of ModBus packets in the ModBus DPI filter. **Recommendations** For versions prior to 03.2.00, update to version 03.2.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the ModBus DPI filter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Belden Hirschmann Tofino Xenon Security Appliance versions prior to 03.2.00 **Description** The issue is related to design flaws in OPC classic and custom netfilter modules, allowing an attacker to remotely activate rules on the firewall and connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology involves a crafted OPC dynamic port shift. This is due to errors in security settings of the OPC Classic protocol implementation. **Recommendations** For versions prior to 03.2.00, update to version 03.2.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the OPC classic protocol and custom netfilter modules to minimize the risk of exploitation.