A potential security vulnerability in the Intel® Processor Diagnostic Tool may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.
Description: Improper access control in the Intel(R) Processor Diagnostic Tool before version 22.214.171.124 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Intel® Processor Diagnostic Tool for 32-bit before version 126.96.36.199_32bit.
Intel® Processor Diagnostic Tool for 64-bit before version 188.8.131.52_64bit.
Intel recommends that users of Intel® Processor Diagnostic Tool update to version 184.108.40.206 or later.
Updates are available for download at this location:
Intel would like to thank Jesse Michael from Eclypsium for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.