Maxim Goryachy

**Name of the Vulnerable Software and Affected Versions** Intel(R) Trace Hub (affected versions not specified) **Description** The issue is related to insufficient access control in the Intel(R) Trace Hub driver, which may allow an attacker to escalate privileges. For some Intel(R) Trace Hub instances, it is possible to activate test or debug logic at runtime, potentially enabling an unauthenticated user with physical access to escalate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) processors (affected versions not specified) **Description** The issue is related to the activation of test or debug logic at runtime for some Intel(R) processors, which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. This is due to insufficient protection of service data in the BIOS/UEFI firmware. Exploitation of the issue may allow an attacker to gain elevated privileges and access sensitive information. The problem is also associated with a debugging functionality that has excessive privileges, potentially allowing attackers to read encrypted files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Intel(R) Innovation Engine versions prior to 1.0.859 Description: The issue is related to insufficient control flow management in the firmware build and signing tool, which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. This is also associated with insecure privilege management, allowing an attacker to potentially elevate their privileges. Recommendations: For versions prior to 1.0.859, update to version 1.0.859 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Intel(R) TXE versions before 3.175 Intel(R) TXE versions before 4.0.25 Description: The issue is related to improper access control in the Intel(R) TXE subsystem, which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. This is due to insecure privilege management. Recommendations: For Intel(R) TXE versions before 3.175, update to version 3.175 or later. For Intel(R) TXE versions before 4.0.25, update to version 4.0.25 or later.

**Name of the Vulnerable Software and Affected Versions** Intel(R) CSME versions prior to 11.21.55 Intel(R) Server Platform Services versions prior to 4.0 Intel(R) Trusted Execution Engine Firmware versions prior to 3.1.55 **Description** The issue is related to insufficient input validation in the HECI subsystem, which may allow a privileged user to potentially enable escalation of privileges via local access. **Recommendations** For Intel(R) CSME versions prior to 11.21.55, update to version 11.21.55 or later. For Intel(R) Server Platform Services versions prior to 4.0, update to version 4.0 or later. For Intel(R) Trusted Execution Engine Firmware versions prior to 3.1.55, update to version 3.1.55 or later.

**Name of the Vulnerable Software and Affected Versions** Intel(R) CSME versions prior to 11.x Intel(R) TXE versions 3.x, 4.x Intel(R) Server Platform Services versions 3.x, 4.x Intel(R) SPS versions prior to SPS E3 05.00.04.027.0 **Description** The issue is related to insufficient access control in the Intel Converged Security and Management Engine, Intel Server Platform Services, and Intel Trusted Execution Engine. This could allow an unauthenticated user with physical access to potentially enable escalation of privilege. The vulnerability may also allow an attacker to extract the platform's root key, which is used as a root of trust for authenticating various platform components, including TPM and UEFI firmware. This could compromise cryptographic operations for hardware-enabled security technologies. **Recommendations** For Intel(R) CSME versions prior to 11.x: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Intel(R) TXE versions 3.x, 4.x: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Intel(R) Server Platform Services versions 3.x, 4.x: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Intel(R) SPS versions prior to SPS E3 05.00.04.027.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to improper authorization, allowing an attacker to brute force account credentials due to the lack of authorization delay in the appviahttp service. **Recommendations** For versions prior to V1.1.10P3T18, consider restricting access to the appviahttp service to minimize the risk of exploitation. As a temporary workaround, implement additional authentication measures or rate limiting to prevent brute force attacks on account credentials.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to a heap-based buffer overflow, which could potentially allow an attacker to execute arbitrary code. **Recommendations** For versions prior to V1.1.10P3T18, update to a version later than V1.1.10P3T18 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue allows an unauthenticated attacker to obtain the GPON SN information via the `appviahttp` service, potentially leading to information exposure. **Recommendations** For versions prior to V1.1.10P3T18, consider restricting access to the `appviahttp` service until a fix is available.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to a null pointer dereference, which may allow an attacker to cause a denial of service via the `appviahttp` service. **Recommendations** For versions prior to V1.1.10P3T18, update to a version newer than V1.1.10P3T18 to resolve the issue. As a temporary workaround, consider restricting access to the `appviahttp` service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to improper access control, which may allow an unauthorized user to perform unauthorized operations on the router. **Recommendations** For versions prior to V1.1.10P3T18, update to a version that addresses the improper access control issue to prevent unauthorized operations on the router.

**Name of the Vulnerable Software and Affected Versions** Intel CSME versions prior to 11.21.55 Intel Server Platform Services versions prior to 4.0 Intel Trusted Execution Engine Firmware versions prior to 3.1.55 **Description** A vulnerability in Intel CSME, Intel Server Platform Services, and Intel Trusted Execution Engine Firmware may allow an unauthenticated user to potentially modify or disclose information via physical access. The issue is caused by privilege management errors. **Recommendations** For Intel CSME versions prior to 11.21.55, update to version 11.21.55 or later. For Intel Server Platform Services versions prior to 4.0, update to version 4.0 or later. For Intel Trusted Execution Engine Firmware versions prior to 3.1.55, update to version 3.1.55 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.5 **Description** The issue involves the `Firmware` component and is related to insufficient access control. It allows attackers to modify the EFI flash-memory region using a crafted app that has root access. **Recommendations** For macOS versions prior to 10.13.5, update to version 10.13.5 or later to resolve the issue. As a temporary workaround, consider restricting root access to prevent exploitation.