Intel patched six security vulnerabilities during the January 2020 Patch Tuesday, including a high severity vulnerability in VTune and a bug affecting the Intel Processor Graphics drivers for Windows and Linux.

The security issues addressed today are detailed in the six security advisories published on Intel's Product Security Center.

According to Intel, these vulnerabilities could allow authenticated users to potentially trigger denial of service states and escalate privileges via local access, while others could lead to information disclosure.

"This month, consistent with our commitment to transparency, we are releasing 6 security advisories addressing 6 vulnerabilities," Intel's Director of Security Communications Jerry Bryant said.

"Three of these, including the one with the highest CVSS severity rating of 8.2, were internally found by Intel, and the others were reported through our Bug Bounty program."

Intel's January 2020 Patch Tuesday advisories

Below you can find all the advisories published by Intel during 2020's first Patch Tuesday, together with links to download pages where you can get the updates needed to patch the security flaws.

While Intel says that they are not aware of any of the security issues being exploited in the wild, users are advised to install the updates as soon as possible.

Out of the six vulnerabilities patched today two stand out. The first one tracked as CVE-2019-14613 is a high severity one impacting the Intel VTune Amplifier for Windows that may allow authenticated local attackers to potentially escalate privileges.

The other one is a medium severity information disclosure flaw tracked as CVE-2019-14615 that affects the Windows and Linux graphics drivers on a wide range of processors including the company's latest 10th Generation 'Ice Lake' Intel Core Processors.

Advisory Number Advisory CVE ID Severity rating Updates
INTEL-SA-00325 Intel VTUNE CVE-2019-14613 8.2 DOWNLOAD
INTEL-SA-00308 Intel RWC 3 for Windows CVE-2019-14601 6.7 DOWNLOAD
INTEL-SA-00300 Intel SNMP Subagent Stand-Alone for Windows CVE-2019-14600 6.5 DISCONTINUED
INTEL-SA-00314 Intel Processor Graphics CVE-2019-14615 6.3 DOWNLOAD
INTEL-SA-00306 Intel Chipset Device Software INF Utility CVE-2019-14596 5.9 DOWNLOAD
INTEL-SA-00332 Intel DAAL CVE-2019-14629 3.9 DOWNLOAD

"Intel has released security updates to address vulnerabilities in multiple products," the Cybersecurity and Infrastructure Security Agency (CISA) said today in a notification. "An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges."

The agency encourages both users and administrators to review the security advisories published today by Intel and apply the necessary updates to defend against potential exploitation attempts.

Each of the linked advisories comes with a detailed list of all affected products and recommendations for vulnerable products, as well as contact info for users and researchers who would want to report other vulnerabilities found in Intel branded tech or products.

Related Articles:

TellYouThePass ransomware revived in Linux, Windows Log4j attacks

Nearly 11 million SSH servers vulnerable to new Terrapin attacks

CISA warns of actively exploited bugs in Chrome and Excel parsing library

Microsoft disables MSIX protocol handler abused in malware attacks

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers