PTA Issues Cyber Alert Against Intel Products

The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory concerning multiple vulnerabilities detected in Intel products.

These vulnerabilities affect a range of Intel software and hardware, including Intel GPA Software, Intel GPA Framework Software, Intel Server Products UEFI Firmware, and Intel Server Board Onboard Video Driver Software. The advisory warns that the vulnerabilities could be exploited by locally authenticated attackers to gain elevated privileges or initiate a denial of service (DoS) attack.

According to the advisory, the vulnerabilities arise from various technical flaws such as incorrect default permissions, uncontrolled search paths, and improper input validation. The threat classification for these vulnerabilities is significant, with a high potential for local privilege escalation. The vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVEs), which include several entries like CVE-2023-24460, CVE-2024-21788, and CVE-2023-41961, among others.

PTA has recommended several precautionary measures to mitigate the potential risks associated with these vulnerabilities. Among these, it has advised organizations to ensure that users operate with the least privileges required for their job functions to limit damage in case of an account compromise. Comprehensive monitoring systems should be implemented to detect unusual activities that could signal the exploitation of these vulnerabilities. Additionally, the advisory emphasizes limiting both physical and network access to affected Intel products to trusted personnel, while recommending the use of multi-factor authentication (MFA).

Further recommendations from the advisory include conducting regular security audits and vulnerability assessments to identify weaknesses that could be exploited. PTA also stressed the importance of user education, particularly in relation to the dangers of privilege escalation attacks. Users are urged to avoid reusing passwords and to be vigilant against phishing attempts, which can be a vector for such attacks.

In response to the vulnerabilities, PTA has advised the deployment of Host Intrusion Detection Systems (HIDS) to monitor critical files and directories for unauthorized changes. This would provide early warnings in case of an exploitation attempt. Any incidents or suspicious activities should be reported to PTA via its CERT Portal and email, enabling the authority to take further action.

Follow ProPakistani on Google News & scroll through your favourite content faster!

Support independent journalism

If you want to join us in our mission to share independent, global journalism to the world, we’d love to have you on our side. If you can, please support us on a monthly basis. It takes less than a minute to set up, and you can rest assured that you’re making a big impact every single month in support of open, independent journalism. Thank you.


  • Has PTA ever done anything useful. It should restore internet in full and take complete rest. This will be useful for the people as well as PTA.

  • Why should a telecom authority (REGULATOR) is concerned about hardware and it’s allied software? Even they are concerned what action can they take?


  • Get Alerts

    Follow ProPakistani to get latest news and updates.


    ProPakistani Community

    Join the groups below to get latest news and updates.



    >