VYPR

CSME

by Intel

CVEs (55)

  • CVE-2018-3655HigSep 12, 2018
    risk 0.47cvss 7.3epss 0.00

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical…

  • CVE-2018-3657MedSep 12, 2018
    risk 0.44cvss 6.7epss 0.01

    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

  • CVE-2025-20067MedAug 12, 2025
    risk 0.39cvss 6.0epss 0.00

    Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2023-40067MedAug 14, 2024
    risk 0.37cvss 5.7epss 0.00

    Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2023-34424MedAug 14, 2024
    risk 0.29cvss 4.4epss 0.00

    Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2024-21844MedAug 14, 2024
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2023-48361LowAug 14, 2024
    risk 0.15cvss 2.3epss 0.00

    Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-24506Jun 9, 2021
    risk 0.00cvss epss 0.00

    Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-8703Jun 9, 2021
    risk 0.00cvss epss 0.00

    Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-24516Jun 9, 2021
    risk 0.00cvss epss 0.00

    Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-8755Nov 12, 2020
    risk 0.00cvss epss 0.00

    Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-8761Nov 12, 2020
    risk 0.00cvss epss 0.00

    Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access.

  • CVE-2020-8751Nov 12, 2020
    risk 0.00cvss epss 0.00

    Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.

  • CVE-2020-8756Nov 12, 2020
    risk 0.00cvss epss 0.00

    Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-12303Nov 12, 2020
    risk 0.00cvss epss 0.00

    Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

  • CVE-2020-8705Nov 12, 2020
    risk 0.00cvss epss 0.01

    Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400,…

  • CVE-2020-8744Nov 12, 2020
    risk 0.00cvss epss 0.00

    Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via…

  • CVE-2020-8745Nov 12, 2020
    risk 0.00cvss epss 0.00

    Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of…

  • CVE-2020-0539Jun 15, 2020
    risk 0.00cvss epss 0.00

    Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.

  • CVE-2020-0545Jun 15, 2020
    risk 0.00cvss epss 0.00

    Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0,…

Page 1 of 3