SB2016041116 - Privilege escalation in Intel Ethernet diagnostics driver for Windows
Published: April 11, 2016 Updated: February 12, 2023
Security Bulletin ID
SB2016041116
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2015-2291)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the 0x80862013, 0x8086200B, 0x8086200F, and 0x80862007 IOCTL calls in the Intel Ethernet diagnostics driver for Windows. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Note, the vulnerability is being actively exploited in the wild since December 2022 by Scattered Spider (aka Roasted 0ktapus or UNC3944).
Remediation
Install update from vendor's website.