VYPR

Intel(R) CSME

by Intel

CVEs (7)

  • CVE-2019-0153CriMay 17, 2019
    risk 0.64cvss 9.8epss 0.02

    Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2020-0542HigJun 15, 2020
    risk 0.51cvss 7.8epss 0.00

    Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

  • CVE-2019-0090HigMay 17, 2019
    risk 0.46cvss 7.1epss 0.00

    Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable…

  • CVE-2023-32633MedMar 14, 2024
    risk 0.44cvss 6.7epss 0.00

    Improper input validation in the Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-28389MedMar 14, 2024
    risk 0.44cvss 6.7epss 0.00

    Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2020-0541MedJun 15, 2020
    risk 0.44cvss 6.7epss 0.00

    Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-0539MedJun 15, 2020
    risk 0.36cvss 5.5epss 0.00

    Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.