Intel

Converged Security Management Engine Firmware

36 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2022-38102

  • EPSS 0.01%
  • Published 11.08.2023 03:15:14
  • Last modified 21.11.2024 07:15:47

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.

4.4

CVE-2020-0545

  • EPSS 0.12%
  • Published 15.06.2020 14:15:11
  • Last modified 21.11.2024 04:53:42

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, S...

7.8

CVE-2020-0542

  • EPSS 0.07%
  • Published 15.06.2020 14:15:11
  • Last modified 21.11.2024 04:53:42

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local acc...

6.7

CVE-2020-0541

  • EPSS 0.08%
  • Published 15.06.2020 14:15:11
  • Last modified 21.11.2024 04:53:42

Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.

5.5

CVE-2020-0539

  • EPSS 0.05%
  • Published 15.06.2020 14:15:10
  • Last modified 21.11.2024 04:53:41

Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial...

7.5

CVE-2020-0536

  • EPSS 0.73%
  • Published 15.06.2020 14:15:10
  • Last modified 21.11.2024 04:53:41

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable informat...

7.5

CVE-2020-0534

  • EPSS 0.92%
  • Published 15.06.2020 14:15:10
  • Last modified 21.11.2024 04:53:41

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.

6.7

CVE-2020-0533

  • EPSS 0.04%
  • Published 15.06.2020 14:15:10
  • Last modified 21.11.2024 04:53:41

Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

6.7

CVE-2019-14598

  • EPSS 0.26%
  • Published 13.02.2020 19:15:13
  • Last modified 21.11.2024 04:27:00

Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of...

7.8

CVE-2019-11147

  • EPSS 0.28%
  • Published 18.12.2019 22:15:13
  • Last modified 21.11.2024 04:20:37

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-0008...