Login Sign Up

CVE-2022-29514

7.7 HIGH

📋 TL;DR

This vulnerability in Intel SUR software allows unauthenticated attackers on the same network to potentially escalate privileges. It affects systems running Intel SUR software before version 2.4.8902. The improper access control could let attackers gain higher privileges than intended.

💻 Affected Systems

Products:
  • Intel(R) SUR software
Versions: All versions before 2.4.8902
Operating Systems: Windows, Linux (where Intel SUR is installed)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Intel SUR software installed. The vulnerability is in the software itself, not dependent on specific OS configurations.

📦 What is this software?

System Usage Report by Intel

View all CVEs affecting System Usage Report →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with administrative privileges, allowing installation of malware, data theft, or persistence mechanisms.

🟠

Likely Case

Local privilege escalation to gain higher system privileges than the attacker's current level.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing unauthenticated network access.

🌐 Internet-Facing: MEDIUM - While the exploit requires network access, internet-facing systems would be more exposed if the service is accessible.
🏢 Internal Only: HIGH - Internal systems with vulnerable Intel SUR software are at significant risk from internal attackers or compromised devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The advisory states unauthenticated network access can potentially enable privilege escalation, suggesting relatively straightforward exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.4.8902 or later

Vendor Advisory: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html

Restart Required: Yes

Instructions:

1. Download Intel SUR version 2.4.8902 or later from Intel's website. 2. Run the installer. 3. Restart the system to complete the update.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to systems running Intel SUR software

Disable Intel SUR Service

windows

Temporarily disable the Intel SUR service if not required

sc stop "Intel SUR Service"
sc config "Intel SUR Service" start= disabled

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach systems with Intel SUR software
  • Monitor for unusual network connections or privilege escalation attempts on affected systems

🔍 How to Verify

Check if Vulnerable:

Check Intel SUR software version. If below 2.4.8902, the system is vulnerable.

Check Version:

Check program version in Windows Add/Remove Programs or run the Intel SUR application to see version information.

Verify Fix Applied:

Verify Intel SUR software version is 2.4.8902 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual network connections to Intel SUR service ports
  • Privilege escalation events in system logs
  • Failed authentication attempts followed by successful privileged actions

Network Indicators:

  • Unexpected network traffic to Intel SUR service default ports
  • Network scans targeting systems with Intel SUR

SIEM Query:

source="*" ("Intel SUR" OR port=*Intel_SUR_port*) AND (privilege_escalation OR unauthorized_access)

📊 Metadata

CVE ID: CVE-2022-29514
CVSS v3 Score: 7.7 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
Published: February 16, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON