VYPR

CSME

by Intel

CVEs (9)

  • CVE-2025-20067MedAug 12, 2025
    Intel
    CSME
    risk 0.39cvss 6.0epss 0.00

    Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2023-40067MedAug 14, 2024
    Intel
    CSME
    risk 0.37cvss 5.7epss 0.00

    Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2023-34424MedAug 14, 2024
    Intel
    CSME
    risk 0.29cvss 4.4epss 0.00

    Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2024-21844MedAug 14, 2024
    Intel
    CSME
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2023-48361LowAug 14, 2024
    Intel
    CSME
    risk 0.15cvss 2.3epss 0.00

    Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2018-12188Mar 14, 2019
    Intel
    CSME
    risk 0.00cvss epss 0.00

    Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.

  • CVE-2018-12208Mar 14, 2019
    Intel
    CSME
    risk 0.00cvss epss 0.00

    Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute…

  • CVE-2018-3655Sep 12, 2018
    Intel
    Trusted Execution Engine Firmware
    risk 0.00cvss epss 0.00

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical…

  • CVE-2018-3659Sep 12, 2018
    Intel
    CSME
    risk 0.00cvss epss 0.01

    A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.