Intel has stomped out high-severity glitches in its Next Unit Computing (NUC) mini PC firmware and in its Modular Server Compute Module.
Overall, Intel addressed nine glitches throughout six products in its April safety update – two of those being high-severity, and the rest being medium-severity. If exploited, the flaws might allow attackers to escalate privileges or launch denial-of-service (DoS) assaults.
One of the high-severity flaws emerges from a compute module utilized in Intel’s modular server system, which is a blade system for Intel motherboards and processors first launched in 2008. The vulnerability stems from an improper conditions check, which might permit an unauthenticated consumer to potentially allow escalation of privilege.
Along with this flaw, two medium-severity flaws were additionally discovered in the same compute module: A buffer overflow vulnerability that would enable an unauthenticated attacker to launch a DoS attack; and an insufficient control flow glitch (CVE-2020-0577) that permits an unauthenticated user to doubtlessly escalate privileges via adjoining access.
All versions of the compute module are affected, but Intel stated that it’s not releasing security updates to mitigate the glitches – instead, it will discontinue the compute module entirely.