Intel Outside: Hacking every Intel employee and various internal websites
6 days ago
- #intel
- #vulnerability
- #cybersecurity
- Bypassed corporate login on an internal business card ordering website to download details of over 270k Intel employees.
- Exploited hardcoded credentials on an internal 'Product Hierarchy' website to gain admin access and download employee details.
- Found weak encryption on an internal 'Product Onboarding' website, allowing access to employee data and admin privileges.
- Bypassed login on Intel’s SEIMS Supplier Site to access confidential supplier information and employee details.
- Discovered multiple hardcoded credentials and weak encryption methods across Intel’s internal systems.
- Intel’s bug bounty program did not cover web infrastructure vulnerabilities, limiting rewards for critical findings.
- All reported vulnerabilities were fixed by Intel, though communication was minimal.