A series of critical vulnerabilities across several internal Intel websites allowed the complete exfiltration of the company's global employee database and gave access to confidential supplier information.
The problems, stemming from basic security oversights, exposed the personal details of over 270,000 Intel employees and staff.
The investigation by Eaton Works revealed that at least four separate internal web applications contained severe security holes, including client-side authentication bypasses, hardcoded credentials, and a lack of server-side validation.
These vulnerabilities provided four distinct pathways for an unauthorized user to download the complete employee database.
One of the most critical findings involved a website used by Intel India employees to order business cards. The research found that the corporate Microsoft Azure login prompt could be bypassed with a simple modification to the site's JavaScript.
Once past the login, the researcher found an unauthenticated API that would issue a valid access token. That token could then be used to query a "worker" API.
By removing the search filter from the API request, the researcher got the system to return a nearly 1 GB JSON file containing the names, job roles, managers, phone numbers, and mailbox addresses of Intel's entire global workforce.
[Image: Hierarchy Owners]
This pattern of lax security was repeated across other internal systems. A "Product Hierarchy" management website contained hardcoded credentials for its backend services.
The password, although encrypted, was protected with a notoriously weak AES key, '1234567890123456', making it trivial to decrypt. This provided a second route to the same employee database, Eaton Works said.
[Image: Encryption]
Another "Product Onboarding" website, presumed to be used for managing entries in Intel's public ARK product database, contained a trove of hardcoded secrets, including several API keys and even a GitHub personal access token.
The fourth major vulnerability was found in Intel's Supplier EHS IP Management System (SEIMS), a portal for managing intellectual property with suppliers. The researcher bypassed the login by modifying the code that checked for a valid token.
From there, they gained administrative access by manipulating API responses, allowing them to view confidential supplier data, including details of non-disclosure agreements (NDAs).
Shockingly, the system's backend APIs accepted a fabricated authorization token with the value "Not Autorized", a typo that highlighted a complete breakdown in server-side security checks.
The researcher responsibly disclosed all findings to Intel beginning on October 14, 2024. The company's bug bounty program policy excludes web infrastructure from monetary rewards and directs such reports to a security email inbox.
Although the researcher received only an automated reply and no direct communication, they confirmed that Intel remediated all of the reported vulnerabilities before the standard 90-day disclosure period ended.
[Image: Email response]
While no highly sensitive data such as Social Security numbers or salaries was exposed, the exposure of employee PII and confidential partner data on such a massive scale represents a significant security lapse for the technology giant.