CVE-2011-5174

EPSS 0.05%
Published 15.09.2012 17:55:05
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset before i5_i7_DUAL_SINIT_51.BIN and i7_QUAD_SINIT_51.BIN; Mobile Intel GM45, GS45, and PM45 Express Chipset before GM45_GS45_PM45_SINIT_51.BIN; Intel Q35 Express Chipsets before Q35_SINIT_51.BIN; and Intel 5520, 5500, X58, and 7500 Chipsets before SINIT ACM 1.1 allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Sinit Authenticated Code Module Version <= 2nd_gen_i5_i7_sinit_1.9.bin

Intel ≫ C202 Chipset Version-

Intel ≫ C204 Chipset Version-

Intel ≫ C206 Chipset Version-

Intel ≫ Mobile Intel Qm67 Chipset Version-

Intel ≫ Mobile Intel Qs67 Chipset Version_express-

Intel ≫ Q67 Express Chipset Version-

Intel ≫ Sinit Authenticated Code Module Version <= i5_i7_dual_sinit_18.bin

Intel ≫ 3450 Chipset Version-

Intel ≫ Mobile Intel Qm57 Chipset Version-

Intel ≫ Mobile Intel Qs57 Express Chipset Version-

Intel ≫ Q57 Chipset Version-

Intel ≫ Sinit Authenticated Code Module Version <= i7_quad_sinit_20.bin

Intel ≫ 3450 Chipset Version-

Intel ≫ Mobile Intel Qm57 Chipset Version-

Intel ≫ Mobile Intel Qs57 Chipset Version-

Intel ≫ Q57 Chipset Version-

Intel ≫ Sinit Authenticated Code Module Version <= gm45_gs45_pm45_sinit_21.bin

Intel ≫ Mobile Intel Gm45 Chipset Version-

Intel ≫ Mobile Intel Gs45 Chipset Version-

Intel ≫ Mobile Intel Pm45 Express Chipset Version-

Intel ≫ Sinit Authenticated Code Module Version <= q35_sinit_18.bin

Intel ≫ Q35 Express Chipset Version-

Intel ≫ Sinit Authenticated Code Module Version <= 1.0

Intel ≫ 5500 Chipset Version-

Intel ≫ 5520 Chipset Version-

Intel ≫ 7500 Chipset Version-

Intel ≫ X58 Chipset Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.129

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://osvdb.org/77554

http://secunia.com/advisories/47096

Vendor Advisory

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00030&languageid=en-fr

http://theinvisiblethings.blogspot.com/2011/12/exploring-new-lands-on-intel-cpus-sinit.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/71625

https://nvd.nist.gov/vuln/detail/CVE-2011-5174

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-5174

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-5174

EUVD