IPAS Security Advisories for February 2021

Hello and welcome to our first security advisory release in 2021. This month we are releasing 19 advisories addressing 57 CVEs. 55 of these issues are the result of our ongoing investments in security research. 40 of these, including the vulnerability with the highest CVSS score of 8.8, were found internally and another 15 reported through our Bug Bounty program.

Here’s a quick break down of severities and how they were found:

Severity Internally Found Externally Reported Total
Critical 0 0 0
High 6 3 (3 Bug Bounty) 9
Medium 19 13 (12 Bug Bounty) 32
Low 15 1 16

 

The bulk of advisories this month are software driver updates for graphics components and firmware/software updates for ethernet components. While you may be able to retrieve these updates direct from Intel, we recommend that you check with your system manufacturer for updates specific to your system. Find links to system manufacturer support sites HERE.

For the complete list of today’s advisories and more information about the Intel Bug Bounty program, please visit our security center.

Cheers,

Jerry Bryant
Sr. Director of Communications
Intel Product Assurance and Security

Published on Categories IDF
Jerry Bryant

About Jerry Bryant

Jerry Bryant is a Senior Director of Security Communications at Intel Corp. where he leads communications strategy, vulnerability issues management, field, and customer readiness within the Intel Product Assurance and Security Group (IPAS). Jerry has over 20 years experience in product security incident response within fortune 50 companies and specializes in vulnerability handling, incident/crisis management, threat intelligence sharing, industry, and government engagement. He believes strongly in sharing lessons learned and helping to advance the knowledge and readiness of defenders across the industry. Jerry is a co-author of the Product Security Incident Response Team (PSIRT) Services Framework, a cross industry collaboration through the Forum for Incident Response and Security Teams (FIRST.org).