Vulnerabilites related to intel - converged_security_management_engine_firmware
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.", }, { lang: "es", value: "Un problema lógico en el subsistema para Intel® CSME versiones anteriores a 12.0.45, 13.0.10 y 14.0.10, puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios y una divulgación de información por medio de un acceso local.", }, ], id: "CVE-2019-11105", lastModified: "2024-11-21T04:20:32.803", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.783", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CA2E306-9AEC-4767-9738-3EF0B833F896", versionEndExcluding: "11.8.77", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "299E26BE-7DB3-4D58-9C86-7634ACA11324", versionEndExcluding: "11.12.77", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62CE07C-7068-4FE3-9268-0A551D397597", versionEndExcluding: "11.22.77", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:undefined", matchCriteriaId: "7A86A849-7161-4EA0-B1CF-4E74A55D2E67", versionEndExcluding: "12.0.64", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51B0E191-66BD-49B1-B745-F63006AD2A6F", versionEndExcluding: "13.0.32", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "004EE62A-979B-4D9B-928D-B2558CE79B4E", versionEndExcluding: "14.0.33", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2ADFD0F7-45EE-4639-AB9D-CA36F7F18181", versionEndExcluding: "3.1.75", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D84402A-0018-4632-984C-78F4D85609C3", versionEndExcluding: "4.0.25", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.", }, { lang: "es", value: "Un salto de ruta en el subsistema para el software Intel® DAL para Intel® CSME versiones anteriores a 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 e Intel® TXE versiones anteriores 3.1.75, 4.0.25, puede permitir a un usuario poco privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local", }, ], id: "CVE-2020-0539", lastModified: "2024-11-21T04:53:41.967", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:10.970", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 06:59
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11BC4447-C51A-4FE3-9961-44C003DD5E87", versionEndExcluding: "11.12.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:c232:-:*:*:*:*:*:*:*", matchCriteriaId: "4C3CC679-8CEE-41F9-8DD0-4B5B02D7BBF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c236:-:*:*:*:*:*:*:*", matchCriteriaId: "8D02651A-0F34-476D-B049-72C872464FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c420:-:*:*:*:*:*:*:*", matchCriteriaId: "69ECA4C4-3A03-4C07-9461-63C84221CD80", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c422:-:*:*:*:*:*:*:*", matchCriteriaId: "095F8957-9499-475C-8D68-A07A1140A4DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm236:-:*:*:*:*:*:*:*", matchCriteriaId: "BAA5A85C-17B0-490F-853F-3451D2406F47", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm238:-:*:*:*:*:*:*:*", matchCriteriaId: "E1CA8160-27AD-4390-AF99-82CF31DDE94F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:*", matchCriteriaId: "E20F674C-6522-42E4-85D9-B4C39A882D20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "136B04D8-2CB6-47B0-9D6E-891DF57DA35B", versionEndExcluding: "11.8.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b150:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A62BA8-3AE3-4339-97D3-4768A122C71C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b250:-:*:*:*:*:*:*:*", matchCriteriaId: "6A2CDBC2-2B45-4E22-845A-EB8415D4C56D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84789A-B7F4-493E-A3F6-D5287ACFEB98", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*", matchCriteriaId: "4A504EF6-8F7D-4839-B16D-FDCBD3B22287", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*", matchCriteriaId: "47B28199-5B9A-4AC4-9529-77A6FC591DC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*", matchCriteriaId: "33B0B0C9-54ED-4D7E-B0F2-C87690056800", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*", matchCriteriaId: "E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*", matchCriteriaId: "6287BCB7-8EFD-485E-B40E-AE6B9DB067DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*", matchCriteriaId: "25227F52-7398-4E68-A973-B9177886BE0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D78093B-076C-48FB-A224-F94F5743ACF3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*", matchCriteriaId: "B230FB82-C498-4118-97D3-3835CB713E87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DCD6D7-7FF2-419B-A41C-CF1FA830F289", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*", matchCriteriaId: "B8127E47-6082-4313-B310-1C6278471A21", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*", matchCriteriaId: "C14BA084-59CC-40E8-A62F-7AD1C9DD9283", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*", matchCriteriaId: "2AC12E92-33CB-4603-AC14-3351CE1D4E3A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*", matchCriteriaId: "6E62309E-1071-4569-8C9A-11748D629CAB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*", matchCriteriaId: "2DDA599F-09D5-4351-B7F5-351A2E04E091", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*", matchCriteriaId: "A205DBD9-A841-446A-8ED8-57989B806518", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D473E4-5EB1-434D-9D8F-C9365988EEAD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8260u:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEF82DB-59F7-4530-B3CC-3D417CD519B3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E166F-3D9F-4D0D-924A-147883598EA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*", matchCriteriaId: "70D9D4EE-A6CA-4C9F-905F-27570858B5FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*", matchCriteriaId: "73DA1253-1652-417A-BE27-586EF8ED59F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*", matchCriteriaId: "8BD64BB5-CBC1-4862-BEE6-04FC53017976", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D55B9D-4BAB-4082-A33F-626E15229333", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*", matchCriteriaId: "71294A32-F3DD-45EA-A0FC-C3EA0351FA29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*", matchCriteriaId: "4E920376-561D-4892-97A2-F4400223B3CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*", matchCriteriaId: "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*", matchCriteriaId: "790A7B55-AD96-4B1C-A31A-C6778BFD5CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*", matchCriteriaId: "9D350A92-3992-4464-84AB-960ABCA45698", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*", matchCriteriaId: "43DA2F8C-1C05-4447-A861-A33E81050F37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*", matchCriteriaId: "4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*", matchCriteriaId: "AA341190-21EC-46FB-849D-F54AD3DFCF93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*", matchCriteriaId: "908629C1-FD27-4247-A33E-4F5E57DFF918", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*", matchCriteriaId: "7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*", matchCriteriaId: "C2AF0758-7F39-40C0-A174-4805AADACE14", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*", matchCriteriaId: "D99484C0-1349-47EC-AFEB-5F7F281A514E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*", matchCriteriaId: "CF02D685-1E67-40E1-A858-000498D5D877", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F74885-92EE-4F36-B4E1-5F1F8AD65F88", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*", matchCriteriaId: "0EDCD661-394A-431F-84C2-0252ABD6F1B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*", matchCriteriaId: "0304CBDA-AF3E-4F32-BF45-FD2199D1E025", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*", matchCriteriaId: "957F3AC9-D071-4932-B2C9-1643FB78BC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*", matchCriteriaId: "1395788D-E23B-433A-B111-745C55018C68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*", matchCriteriaId: "05EA3461-021B-42CD-B4BD-4D2E8703DB93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*", matchCriteriaId: "CB6774C8-431B-42AC-8955-02B529222372", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*", matchCriteriaId: "F41025AC-6EFE-4562-B1D1-BAB004875B06", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC1ED81E-3D62-47FB-8FD4-B2732525C33C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC82E058-25FE-4B6C-BA3C-AB043CFAB113", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*", matchCriteriaId: "34DD3CCB-91D5-48D6-80BC-CA643385BCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*", matchCriteriaId: "41EB643A-7C3B-4017-A12C-FB48A4F6D9EF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*", matchCriteriaId: "04076FFA-D74F-4501-9921-D8EBDF97CD20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4440FC7-F90C-44E0-B7FB-C88BC95EAB77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*", matchCriteriaId: "B8846D3C-39C6-48BE-9643-ACC479416257", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*", matchCriteriaId: "07279DDB-B07D-4224-AA1C-24B4F3D63BB8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*", matchCriteriaId: "D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*", matchCriteriaId: "F423BBE6-327A-40DC-8BCE-BF43600A68D5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*", matchCriteriaId: "08718840-D468-4E86-8FFF-A2B1841E6BF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*", matchCriteriaId: "C9B77426-B579-43C6-9340-F291138ECD7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*", matchCriteriaId: "DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE776B91-9E25-48F5-A4F0-EB36B704AEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*", matchCriteriaId: "469D79CD-B627-4ACF-ABC7-0EAE5D41A005", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*", matchCriteriaId: "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h110:-:*:*:*:*:*:*:*", matchCriteriaId: "09271283-1681-4EB4-8BD3-DE01674D4D19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h170:-:*:*:*:*:*:*:*", matchCriteriaId: "1B23A6C6-89CF-42CA-A3D0-E17EB8104BBE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h270:-:*:*:*:*:*:*:*", matchCriteriaId: "2715B64C-204D-4243-944E-434FDA366AA9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm170:-:*:*:*:*:*:*:*", matchCriteriaId: "B6CEAEB8-C0DD-4886-8EBB-D244A87338C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm175:-:*:*:*:*:*:*:*", matchCriteriaId: "CDA12EE0-6877-431B-8CC9-9C7576444E64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q150:-:*:*:*:*:*:*:*", matchCriteriaId: "73A05885-8AFD-4FFA-BE18-9CE24A1427B8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q170:-:*:*:*:*:*:*:*", matchCriteriaId: "B7BB0694-7F15-4784-97AA-9E9783B3702C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q250:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E4C9D1-C1E8-43E1-88B8-76637A991EB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q270:-:*:*:*:*:*:*:*", matchCriteriaId: "64E68EB4-7634-42AB-8DCD-8C87C86F78E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm170:-:*:*:*:*:*:*:*", matchCriteriaId: "49495821-5D75-49F0-B2BB-2F73441731D1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm175:-:*:*:*:*:*:*:*", matchCriteriaId: "634DFA37-FE38-423B-92FA-01AAB0B389E3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:*", matchCriteriaId: "E20F674C-6522-42E4-85D9-B4C39A882D20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z170:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E0469E-FFC6-46BF-BB03-34326D1DBE19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z270:-:*:*:*:*:*:*:*", matchCriteriaId: "955612CC-223F-47C0-9D75-D71A39E61A3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D35636-BCC5-4C47-88E3-B8681CD79440", versionEndExcluding: "12.0.93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b360:-:*:*:*:*:*:*:*", matchCriteriaId: "0829C549-51C2-4029-9623-51D0C5470FBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b365:-:*:*:*:*:*:*:*", matchCriteriaId: "6CC7A911-2CFA-44B3-9B5D-824C02A92D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c242:-:*:*:*:*:*:*:*", matchCriteriaId: "A7FDE41F-FF2A-42F0-AF4D-F57A28E377F4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c246:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB420EA-D647-4272-8A96-2A09E70FAEAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4205u:-:*:*:*:*:*:*:*", matchCriteriaId: "6910BDD0-4968-45AE-AD19-3A1206F5D068", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4305u:-:*:*:*:*:*:*:*", matchCriteriaId: "14C91CFB-C318-4F06-9A01-DCCEE2E901B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4305ue:-:*:*:*:*:*:*:*", matchCriteriaId: "F5C0F89F-0C58-44B8-A02C-50A97B086659", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm246:-:*:*:*:*:*:*:*", matchCriteriaId: "246F7FE9-0B21-4947-B6C2-6CA2DB1D7817", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84789A-B7F4-493E-A3F6-D5287ACFEB98", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*", matchCriteriaId: "4A504EF6-8F7D-4839-B16D-FDCBD3B22287", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*", matchCriteriaId: "47B28199-5B9A-4AC4-9529-77A6FC591DC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*", matchCriteriaId: "33B0B0C9-54ED-4D7E-B0F2-C87690056800", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*", matchCriteriaId: "E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*", matchCriteriaId: "6287BCB7-8EFD-485E-B40E-AE6B9DB067DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*", matchCriteriaId: "25227F52-7398-4E68-A973-B9177886BE0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D78093B-076C-48FB-A224-F94F5743ACF3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*", matchCriteriaId: "B230FB82-C498-4118-97D3-3835CB713E87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DCD6D7-7FF2-419B-A41C-CF1FA830F289", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*", matchCriteriaId: "B8127E47-6082-4313-B310-1C6278471A21", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*", matchCriteriaId: "C14BA084-59CC-40E8-A62F-7AD1C9DD9283", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*", matchCriteriaId: "2AC12E92-33CB-4603-AC14-3351CE1D4E3A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*", matchCriteriaId: "6E62309E-1071-4569-8C9A-11748D629CAB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*", matchCriteriaId: "2DDA599F-09D5-4351-B7F5-351A2E04E091", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*", matchCriteriaId: "A205DBD9-A841-446A-8ED8-57989B806518", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D473E4-5EB1-434D-9D8F-C9365988EEAD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8260u:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEF82DB-59F7-4530-B3CC-3D417CD519B3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E166F-3D9F-4D0D-924A-147883598EA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*", matchCriteriaId: "70D9D4EE-A6CA-4C9F-905F-27570858B5FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*", matchCriteriaId: "73DA1253-1652-417A-BE27-586EF8ED59F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*", matchCriteriaId: "8BD64BB5-CBC1-4862-BEE6-04FC53017976", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D55B9D-4BAB-4082-A33F-626E15229333", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*", matchCriteriaId: "71294A32-F3DD-45EA-A0FC-C3EA0351FA29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*", matchCriteriaId: "4E920376-561D-4892-97A2-F4400223B3CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*", matchCriteriaId: "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*", matchCriteriaId: "790A7B55-AD96-4B1C-A31A-C6778BFD5CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*", matchCriteriaId: "9D350A92-3992-4464-84AB-960ABCA45698", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*", matchCriteriaId: "43DA2F8C-1C05-4447-A861-A33E81050F37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*", matchCriteriaId: "4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*", matchCriteriaId: "AA341190-21EC-46FB-849D-F54AD3DFCF93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*", matchCriteriaId: "908629C1-FD27-4247-A33E-4F5E57DFF918", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*", matchCriteriaId: "7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*", matchCriteriaId: "C2AF0758-7F39-40C0-A174-4805AADACE14", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*", matchCriteriaId: "D99484C0-1349-47EC-AFEB-5F7F281A514E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*", matchCriteriaId: "CF02D685-1E67-40E1-A858-000498D5D877", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F74885-92EE-4F36-B4E1-5F1F8AD65F88", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*", matchCriteriaId: "0EDCD661-394A-431F-84C2-0252ABD6F1B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*", matchCriteriaId: "0304CBDA-AF3E-4F32-BF45-FD2199D1E025", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*", matchCriteriaId: "957F3AC9-D071-4932-B2C9-1643FB78BC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*", matchCriteriaId: "1395788D-E23B-433A-B111-745C55018C68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*", matchCriteriaId: "05EA3461-021B-42CD-B4BD-4D2E8703DB93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*", matchCriteriaId: "CB6774C8-431B-42AC-8955-02B529222372", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*", matchCriteriaId: "F41025AC-6EFE-4562-B1D1-BAB004875B06", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC1ED81E-3D62-47FB-8FD4-B2732525C33C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC82E058-25FE-4B6C-BA3C-AB043CFAB113", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*", matchCriteriaId: "34DD3CCB-91D5-48D6-80BC-CA643385BCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*", matchCriteriaId: "41EB643A-7C3B-4017-A12C-FB48A4F6D9EF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*", matchCriteriaId: "04076FFA-D74F-4501-9921-D8EBDF97CD20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4440FC7-F90C-44E0-B7FB-C88BC95EAB77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*", matchCriteriaId: "B8846D3C-39C6-48BE-9643-ACC479416257", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*", matchCriteriaId: "07279DDB-B07D-4224-AA1C-24B4F3D63BB8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*", matchCriteriaId: "D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*", matchCriteriaId: "F423BBE6-327A-40DC-8BCE-BF43600A68D5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*", matchCriteriaId: "08718840-D468-4E86-8FFF-A2B1841E6BF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*", matchCriteriaId: "C9B77426-B579-43C6-9340-F291138ECD7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*", matchCriteriaId: "DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE776B91-9E25-48F5-A4F0-EB36B704AEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*", matchCriteriaId: "469D79CD-B627-4ACF-ABC7-0EAE5D41A005", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*", matchCriteriaId: "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h310:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD64A3C-6925-4715-9D55-F1FC8AA0BB95", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h370:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D83701-E7FF-41D3-ACC6-C78519E34FBD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm370:-:*:*:*:*:*:*:*", matchCriteriaId: "1893AF0C-A12E-4DDE-88D6-44A4318176D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D376C32-99BE-4DF4-A63D-2156D10EEA73", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q370:-:*:*:*:*:*:*:*", matchCriteriaId: "5CD6D64A-BC68-458E-810B-9EEDFD35817A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm370:-:*:*:*:*:*:*:*", matchCriteriaId: "205568C6-2BBB-4B1B-A609-5448F8B7E22E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z370:-:*:*:*:*:*:*:*", matchCriteriaId: "DD09C370-3A22-4AFD-89D7-C35B152C4DE6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z390:-:*:*:*:*:*:*:*", matchCriteriaId: "9379A170-4752-49F2-941D-75D88D385966", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55DE4BD2-14AA-44EB-A031-644934344F67", versionEndExcluding: "14.1.70", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "180F0BC8-3FBB-4ADE-8679-169E4C308D00", versionEndExcluding: "14.5.50", versionStartIncluding: "14.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b460:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB47F1D-AE3D-4F0E-AEFE-879140B47DD5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h410:-:*:*:*:*:*:*:*", matchCriteriaId: "BE191F8B-AC43-431E-87F7-46E2EF211D27", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h420e:-:*:*:*:*:*:*:*", matchCriteriaId: "C530D5AA-7480-45A7-BF06-45BF95B96B22", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h470:-:*:*:*:*:*:*:*", matchCriteriaId: "3D7E83B0-4902-40CF-9B24-3358846186E8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm470:-:*:*:*:*:*:*:*", matchCriteriaId: "A9AC90E6-DF0B-4370-825E-41E4986D30CE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q470:-:*:*:*:*:*:*:*", matchCriteriaId: "61E425A8-F0F9-4C38-B199-0A410F0D0270", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q470e:-:*:*:*:*:*:*:*", matchCriteriaId: "1F945B90-257C-4DCB-9CB3-F34C6F6529D3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm480:-:*:*:*:*:*:*:*", matchCriteriaId: "3D4ACE9D-B829-44BD-8124-30BD62E8F8B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w480:-:*:*:*:*:*:*:*", matchCriteriaId: "D5AE97F1-0236-4305-BC0B-253160262125", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w480e:-:*:*:*:*:*:*:*", matchCriteriaId: "8621ECA8-A467-471E-A871-72EDD10BB2FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm490:-:*:*:*:*:*:*:*", matchCriteriaId: "6AC3826E-7DA9-4A86-836F-7F3B32AEB3D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z490:-:*:*:*:*:*:*:*", matchCriteriaId: "D16ACC77-CE53-4897-BEF8-50CFE7AD56FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59579717-55D1-402C-870F-3BED480A32CA", versionEndExcluding: "15.0.45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*", matchCriteriaId: "89231773-9D9B-434A-A6A3-8527C4F6FEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*", matchCriteriaId: "A85EA674-2537-4323-AEDA-FA356489E7DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*", matchCriteriaId: "F85599DD-3F80-4EB0-9753-D24EDD8D76CC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6214re:-:*:*:*:*:*:*:*", matchCriteriaId: "2D98929C-9560-40CF-8231-718B5BFF19EA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*", matchCriteriaId: "1B3348F4-8E2B-42BE-9F3A-48DFF5CE0047", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6414re:-:*:*:*:*:*:*:*", matchCriteriaId: "F1D7A0BC-7798-466E-B341-D371988FE6CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6416re:-:*:*:*:*:*:*:*", matchCriteriaId: "8A8C0489-E31A-455A-AA64-3765074530F4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*", matchCriteriaId: "7F068F4F-8CCD-4218-871C-BEABEB0DAB55", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*", matchCriteriaId: "7313975C-41A5-4657-8758-1C16F947BE4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*", matchCriteriaId: "2FBE4406-9979-4723-833C-176F051E6389", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b560:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE930AA-59F7-43A7-9FF3-363CE72A6728", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c252:-:*:*:*:*:*:*:*", matchCriteriaId: "F6E46116-6B73-4A65-A2AB-E238678B7E48", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c256:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F281EE-3F33-406A-8FA0-43B3AB6BC35B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*", matchCriteriaId: "A2F55513-48F4-44EC-9293-2CA744FCE07B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*", matchCriteriaId: "51D52347-FA7F-4592-99E4-4C01D2833F35", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*", matchCriteriaId: "82EC9A22-4893-4770-A501-31D492DC7EC3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*", matchCriteriaId: "744EC990-7849-4BC1-BC75-1D64693645A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*", matchCriteriaId: "B949F28E-5C73-4222-973E-DC39325E9268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*", matchCriteriaId: "132E32FD-4A52-43AF-9C0A-75F299B4C93F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*", matchCriteriaId: "7087FCA7-6D5C-45A5-B380-533915BC608A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*", matchCriteriaId: "85683891-11D4-47B1-834B-5E0380351E78", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*", matchCriteriaId: "DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*", matchCriteriaId: "03D778C7-F242-4A6A-9B62-A7C578D985FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*", matchCriteriaId: "652EC574-B9B6-4747-AE72-39D1379A596B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*", matchCriteriaId: "522A9A57-B8D8-4C61-92E3-BE894A765C12", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*", matchCriteriaId: "A588BEB3-90B5-482E-B6C4-DC6529B0B4C4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*", matchCriteriaId: "826BAF04-E174-483D-8700-7FA1EAC4D555", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*", matchCriteriaId: "3D3162DD-BF40-4A58-8FC4-63B4455C0E51", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*", matchCriteriaId: "F7A8BF58-1D33-484A-951C-808443912BE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*", matchCriteriaId: "04CEC115-871B-4222-A3F8-6B1EE15E9A2C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*", matchCriteriaId: "3FD0BD9D-F741-457D-9495-8BCC3707D098", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*", matchCriteriaId: "B2935CEA-13CE-4F4C-84B1-0318FB6FE39A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*", matchCriteriaId: "C3BB7241-F796-44A7-8171-B555A45FF852", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*", matchCriteriaId: "5F967E7C-E56D-46B2-AEB8-1931FA324029", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*", matchCriteriaId: "5D902C7F-DCE8-41ED-8E80-26DA251FBF36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*", matchCriteriaId: "71C505E0-3548-49BD-9B53-2A588FF29144", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*", matchCriteriaId: "5E735023-A75C-48E3-AD6B-BB29CF95B17F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*", matchCriteriaId: "4080CDEF-3938-44D5-9737-6A9D72DB54B7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*", matchCriteriaId: "A77976A7-6C2D-4E0B-A28B-06A23EEA0D68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*", matchCriteriaId: "A5600350-04CC-4481-AC47-9F98BEB9D258", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*", matchCriteriaId: "A5A64D0A-D1C2-41B3-B51B-563263438CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*", matchCriteriaId: "B57F4250-80C8-4612-97F6-2702D3F7DF25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*", matchCriteriaId: "7AA180B4-0EB8-4884-A600-BFAEB64A0A58", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*", matchCriteriaId: "27D79952-8946-488A-8BD8-6129D97A8E34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*", matchCriteriaId: "6B17905A-95E2-4E60-8A0F-AA8ABAF9D523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*", matchCriteriaId: "752081F5-AE8D-4004-B564-863840AC52E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*", matchCriteriaId: "5375A75A-85AA-4119-9F6C-1AD9D2550F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*", matchCriteriaId: "F5884F21-BAB5-4A45-8C72-C90D07BAECA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*", matchCriteriaId: "EC2A2AC5-FA56-49F0-BA00-E96B10FEF889", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*", matchCriteriaId: "B8FF7ADD-9E27-4A23-9714-5B76132C20BC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*", matchCriteriaId: "C8771AB4-2F51-494D-8C86-3524BB4219C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*", matchCriteriaId: "6D7E822D-994F-410D-B13C-939449FFC293", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5576F2-4914-427C-9518-ED7D16630CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*", matchCriteriaId: "3ABB7C52-863F-4291-A05B-422EE9615FAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*", matchCriteriaId: "B54D15DF-53EA-4611-932A-EDB8279F582A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*", matchCriteriaId: "BE7B5E21-2796-4578-998F-B03E26277DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*", matchCriteriaId: "96D6F5D3-3559-47AD-8201-C9D34417DC09", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*", matchCriteriaId: "AA455AC5-8434-4B59-BE89-E82CDACD2AEC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*", matchCriteriaId: "5D31CA93-6F45-4BCE-B504-35F6494B864C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*", matchCriteriaId: "406E9139-BCFF-406B-A856-57896D27B752", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h510:-:*:*:*:*:*:*:*", matchCriteriaId: "D67C6D6B-12F3-43A6-BB8D-DFE0B6483294", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h570:-:*:*:*:*:*:*:*", matchCriteriaId: "96F1DD9B-C078-41C5-88E0-DB7705E17742", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570:-:*:*:*:*:*:*:*", matchCriteriaId: "9D9BD5A1-AD1F-4770-87EE-7F1804BA87A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570e:-:*:*:*:*:*:*:*", matchCriteriaId: "242BA56E-E8D0-4851-AA71-FECB9E102F87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j2850:-:*:*:*:*:*:*:*", matchCriteriaId: "1C43D202-D661-4042-9F68-0FA7EE73CFEE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j2900:-:*:*:*:*:*:*:*", matchCriteriaId: "29ECACD3-E10C-4773-B847-8C1C097C45FA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j3710:-:*:*:*:*:*:*:*", matchCriteriaId: "56C4EF86-84BF-48F4-88DE-8142A270D4A3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*", matchCriteriaId: "B6585755-C56C-4910-A7D5-B2153396AC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j6426:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F281-BA94-4239-8238-AA5EC804AE11", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3510:-:*:*:*:*:*:*:*", matchCriteriaId: "A635B99E-A03F-488A-A01B-B390691EA03B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3520:-:*:*:*:*:*:*:*", matchCriteriaId: "22EAE772-AFAC-4272-8129-B416B171490C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3530:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB3841D-3872-42BD-B0FB-E3E61813CA63", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3540:-:*:*:*:*:*:*:*", matchCriteriaId: "C5DC1B8F-3F6C-49D8-BF5F-54146DE3E83C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3700:-:*:*:*:*:*:*:*", matchCriteriaId: "A1A836B1-451E-4CEF-8A14-89FFB9289DD3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3710:-:*:*:*:*:*:*:*", matchCriteriaId: "8BC51285-B40A-4BEA-9CFF-F3BC01B5BA80", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*", matchCriteriaId: "9A944A8C-462E-4FF9-8AD6-1687297DD0DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*", matchCriteriaId: "5378FE6C-251A-4BCD-B151-EA42B594DC37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*", matchCriteriaId: "638FA431-71EA-4668-AFF2-989A4994ED12", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q570:-:*:*:*:*:*:*:*", matchCriteriaId: "44BCD8EB-D71A-4BD6-8D2D-AF2430F840C3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580:-:*:*:*:*:*:*:*", matchCriteriaId: "61AB83BE-01F0-412B-98E9-B766884BF249", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580e:-:*:*:*:*:*:*:*", matchCriteriaId: "8CDD634A-B6BA-452C-A6E0-18ADEFF81529", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:rm590e:-:*:*:*:*:*:*:*", matchCriteriaId: "E1C4E46E-5828-4EE6-9A95-8F4FE56AC156", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w580:-:*:*:*:*:*:*:*", matchCriteriaId: "EE366EB3-BE96-4A01-9BD5-792B59163938", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm590:-:*:*:*:*:*:*:*", matchCriteriaId: "4158B9A6-ACBE-4A62-AA2C-9790F73C4C3C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z590:-:*:*:*:*:*:*:*", matchCriteriaId: "89563A0F-CE7A-41C5-A8C7-9FC2D40F000A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7317CB4-D0A7-4508-83AD-6C30CF407E96", versionEndExcluding: "16.1.27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b660:-:*:*:*:*:*:*:*", matchCriteriaId: "2576527C-0218-491F-871E-07A60A5E1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610:-:*:*:*:*:*:*:*", matchCriteriaId: "A68DECC9-072F-43C0-90EF-02E8BBC9AE4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610e:-:*:*:*:*:*:*:*", matchCriteriaId: "9B973879-DE48-4461-B543-98625EABCCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h670:-:*:*:*:*:*:*:*", matchCriteriaId: "BCF3A230-7824-4417-B5C4-E2D30ECBE3AE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm670:-:*:*:*:*:*:*:*", matchCriteriaId: "70675897-E01D-4217-82AE-EC15AE58390E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670:-:*:*:*:*:*:*:*", matchCriteriaId: "B3DBB4E3-B863-4333-AC01-DB21416FCB94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670e:-:*:*:*:*:*:*:*", matchCriteriaId: "5B479403-BA34-426F-8DB6-61303C57F268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r680e:-:*:*:*:*:*:*:*", matchCriteriaId: "F20D230F-E14A-4986-8746-168CC9C61AD0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w680:-:*:*:*:*:*:*:*", matchCriteriaId: "EF31448A-E935-4FFF-AF76-2B06EF71E229", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm690:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B7B7CD-63B7-4F80-A0A1-7C69F0868D1B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z690:-:*:*:*:*:*:*:*", matchCriteriaId: "2D1C667A-A904-4707-BE7E-FF7530E0D716", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8309D34C-DC54-480B-81CF-180D99D7C74F", versionEndExcluding: "13.50.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*", matchCriteriaId: "04CEC115-871B-4222-A3F8-6B1EE15E9A2C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*", matchCriteriaId: "3FD0BD9D-F741-457D-9495-8BCC3707D098", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*", matchCriteriaId: "B2935CEA-13CE-4F4C-84B1-0318FB6FE39A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*", matchCriteriaId: "C3BB7241-F796-44A7-8171-B555A45FF852", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*", matchCriteriaId: "5F967E7C-E56D-46B2-AEB8-1931FA324029", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*", matchCriteriaId: "5D902C7F-DCE8-41ED-8E80-26DA251FBF36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*", matchCriteriaId: "71C505E0-3548-49BD-9B53-2A588FF29144", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*", matchCriteriaId: "5E735023-A75C-48E3-AD6B-BB29CF95B17F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*", matchCriteriaId: "4080CDEF-3938-44D5-9737-6A9D72DB54B7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*", matchCriteriaId: "A77976A7-6C2D-4E0B-A28B-06A23EEA0D68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*", matchCriteriaId: "A5600350-04CC-4481-AC47-9F98BEB9D258", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*", matchCriteriaId: "A5A64D0A-D1C2-41B3-B51B-563263438CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*", matchCriteriaId: "B57F4250-80C8-4612-97F6-2702D3F7DF25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*", matchCriteriaId: "7AA180B4-0EB8-4884-A600-BFAEB64A0A58", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*", matchCriteriaId: "27D79952-8946-488A-8BD8-6129D97A8E34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*", matchCriteriaId: "6B17905A-95E2-4E60-8A0F-AA8ABAF9D523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*", matchCriteriaId: "752081F5-AE8D-4004-B564-863840AC52E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*", matchCriteriaId: "5375A75A-85AA-4119-9F6C-1AD9D2550F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*", matchCriteriaId: "F5884F21-BAB5-4A45-8C72-C90D07BAECA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*", matchCriteriaId: "EC2A2AC5-FA56-49F0-BA00-E96B10FEF889", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*", matchCriteriaId: "B8FF7ADD-9E27-4A23-9714-5B76132C20BC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*", matchCriteriaId: "C8771AB4-2F51-494D-8C86-3524BB4219C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*", matchCriteriaId: "6D7E822D-994F-410D-B13C-939449FFC293", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5576F2-4914-427C-9518-ED7D16630CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*", matchCriteriaId: "3ABB7C52-863F-4291-A05B-422EE9615FAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*", matchCriteriaId: "B54D15DF-53EA-4611-932A-EDB8279F582A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*", matchCriteriaId: "BE7B5E21-2796-4578-998F-B03E26277DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*", matchCriteriaId: "96D6F5D3-3559-47AD-8201-C9D34417DC09", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*", matchCriteriaId: "AA455AC5-8434-4B59-BE89-E82CDACD2AEC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*", matchCriteriaId: "5D31CA93-6F45-4BCE-B504-35F6494B864C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*", matchCriteriaId: "406E9139-BCFF-406B-A856-57896D27B752", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D6704A4-E314-42A1-AF47-CF6CF3359A9E", versionEndExcluding: "13.30.35", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*", matchCriteriaId: "39FD6F9C-FEEA-4D52-8745-6477B50AFB0C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*", matchCriteriaId: "9A4FD69F-FF53-43F4-97C8-40867DB67958", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F770E30C-F4F6-4BF8-A040-09F5E6971633", versionEndExcluding: "13.0.65", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*", matchCriteriaId: "6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*", matchCriteriaId: "EF64D95C-653A-4864-A572-CD0A64B6CDF3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*", matchCriteriaId: "30B2F570-1DD9-49C7-BB72-0EA0E9A417C4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA9CBE9-CF87-495B-8D80-5DDDCD2044B6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*", matchCriteriaId: "7F751905-287E-47EA-93B8-2BA576052AAC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*", matchCriteriaId: "614B1B4E-E1D7-417F-86D1-92F75D597E36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*", matchCriteriaId: "4BD11E86-B786-43C8-9B67-8F680CC30451", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*", matchCriteriaId: "3D740D69-83B6-4DBF-8617-9B1E96DFF4FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*", matchCriteriaId: "A9963C9F-2D15-479A-A6C1-0C9863904B7E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*", matchCriteriaId: "8BB09ACB-EFFF-4C2F-BEB5-AE1EEDC1EC2E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*", matchCriteriaId: "A8B15567-BFEA-43BE-9817-98A1F5548541", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*", matchCriteriaId: "984C7C7A-2F8E-4918-8526-64A080943E0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF0AFB-E9DC-4EA5-BFFF-48F896C655E0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*", matchCriteriaId: "43454510-4BE7-4CD1-960D-AE1B36EFBEA5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*", matchCriteriaId: "C7AFC285-2248-45E7-9009-1402628F17E4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*", matchCriteriaId: "078DAE1F-8581-44FB-83EA-575685928C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*", matchCriteriaId: "887BEC29-AD0D-4BEB-B50B-F961629BBF23", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*", matchCriteriaId: "93859A03-DE41-4E7B-8646-93925ACBFC42", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*", matchCriteriaId: "8FD8BD84-B6F9-48D5-8903-2C56C12EFFEE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*", matchCriteriaId: "9877F278-641B-4F83-B420-AB4E1018EA9E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*", matchCriteriaId: "DB69A6F1-9B4D-4CDA-8388-E7FCBB2163DB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*", matchCriteriaId: "71615EAF-4DF4-4B9E-BF34-6ED0371A53D7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*", matchCriteriaId: "376B6DD7-1284-4BD9-88A4-5C34303CC5D1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*", matchCriteriaId: "403E8A3A-28C2-4329-BF31-1A530E317959", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*", matchCriteriaId: "F5F6F725-217C-48FF-86DD-E91A24156121", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*", matchCriteriaId: "365696BF-CE3D-4CE6-92A8-413DDE43774E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10310u:-:*:*:*:*:*:*:*", matchCriteriaId: "D6F3DE58-EC72-429F-A223-F2027D2828AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*", matchCriteriaId: "C8515D29-3823-4F9B-9578-8BB52336A2A7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*", matchCriteriaId: "BE048AEB-094D-4102-9DBF-488FEB53FF89", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*", matchCriteriaId: "3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*", matchCriteriaId: "D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-1038ng7:-:*:*:*:*:*:*:*", matchCriteriaId: "2E6B9500-2C37-48D5-A0BA-A159D04AC6CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*", matchCriteriaId: "4BF497A0-30BC-42A4-A000-C0D564D4872A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*", matchCriteriaId: "B3025301-52D3-43D7-B6AB-F3F0A5C882DC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*", matchCriteriaId: "7B2A62F5-A8DF-4565-B89F-9C58B1FB8D94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*", matchCriteriaId: "9466A6CC-8D69-4EB5-94E2-611297120462", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D116C4-698B-45BC-8622-87E142B37922", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFE4FE7-AA7E-425E-AF51-2FCB3E4E6C11", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*", matchCriteriaId: "4DCA6E61-F1C9-4629-9068-545B19CF95E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*", matchCriteriaId: "36836EB0-99DD-4217-9182-1E9FC5656C42", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*", matchCriteriaId: "CD507601-CD6D-4F11-A4A7-790FB740B401", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*", matchCriteriaId: "A8C26205-C602-46F6-B611-424709325D6C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*", matchCriteriaId: "464587A0-9EAA-4DF5-AFEB-15F2FA9CD407", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*", matchCriteriaId: "1940F59A-67FD-45F9-9C78-51A50687628F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*", matchCriteriaId: "4B722E2A-1262-44FD-8F7C-F9A9A5C78744", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*", matchCriteriaId: "4DEFF6A7-0DE2-4BEE-80DC-BBAB259647AB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*", matchCriteriaId: "494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*", matchCriteriaId: "FD97F84B-ED73-4FFD-8634-10631FEE03EA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*", matchCriteriaId: "B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*", matchCriteriaId: "D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*", matchCriteriaId: "2243674B-E505-4FED-B063-953A1569EA30", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*", matchCriteriaId: "BA08C262-414E-401A-8F91-131626FA82A5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*", matchCriteriaId: "E1978F85-5BA5-468E-B797-7FA7EB4F489D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*", matchCriteriaId: "B8D3D0CA-C981-4091-99F9-203DA8F156F2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*", matchCriteriaId: "7EB23D0C-D2BC-4E7F-94AF-CAF171A64307", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*", matchCriteriaId: "6CC9312B-40A7-4D4A-A61C-3BA865C29F63", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*", matchCriteriaId: "7EBECBE5-2BF0-4175-81CC-C6D054C819B2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*", matchCriteriaId: "BB33CC4F-9D51-4A11-B063-6E78F0D71555", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*", matchCriteriaId: "B7092B8E-DD3F-440D-B2AA-F0E5FC4A9725", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*", matchCriteriaId: "DA491401-C484-4F77-ABF8-D389C94BF7B7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*", matchCriteriaId: "66F8B600-B618-48E1-81EE-14A8A843F09F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*", matchCriteriaId: "42ADD367-82C8-4761-AEBA-A0200C5D1CEE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*", matchCriteriaId: "4AF75C0E-BA48-4C56-8398-109D06B5A5D3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*", matchCriteriaId: "25329A6F-9D49-4EA7-B9FB-8C2FA5343475", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*", matchCriteriaId: "22921B65-513F-4ACE-80A2-4A31199BB5EF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*", matchCriteriaId: "39F9F143-0AB4-4302-82B8-B4EA790EB08D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*", matchCriteriaId: "FE73B0A0-E275-449D-8ADD-86AE188DE82A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*", matchCriteriaId: "CE06C64A-1610-4340-98CF-AC91258AB215", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*", matchCriteriaId: "C27F79F3-EA0A-429C-8DA9-BC276A94AFB7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*", matchCriteriaId: "B07609EB-E10B-4253-938E-81566036D81B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*", matchCriteriaId: "C9B7AEF3-7A62-43B2-8F0C-70E5A2CDB29A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*", matchCriteriaId: "2CC44D69-AAAB-4524-9D12-F1A606D57831", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*", matchCriteriaId: "D23D2887-1246-4EA4-B8B6-57BC7FB869E6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*", matchCriteriaId: "BEFC46D5-B23D-4513-9669-4DC53662F87B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*", matchCriteriaId: "3D264277-00CB-4FCC-ADAA-38536609D0F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1ABE0238-FB80-410F-A9A6-97BA6F3AF6A2", versionEndExcluding: "11.22.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*", matchCriteriaId: "5DB488DD-D97C-4E21-A055-E6CECBBBC34E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*", matchCriteriaId: "9DC12C97-9966-40E2-8B23-B4453EC9EA6A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*", matchCriteriaId: "E687CADE-6E49-4284-BD41-6CA2FDD846FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*", matchCriteriaId: "0A7540F0-7EB8-4F64-AA31-9AF3D79BEC46", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*", matchCriteriaId: "DE862F15-69CC-488E-ABE8-1E23A5A1089F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*", matchCriteriaId: "9087D09E-ADCB-478A-87FD-B7113FD29EFB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5119t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43E11E-5350-4DDB-A743-F84D4D2286D4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*", matchCriteriaId: "5D64D1ED-A386-4475-99AB-7727DE67E1A2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*", matchCriteriaId: "6EFB4646-A5BA-4662-A47F-62407AFEDFF2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*", matchCriteriaId: "29A923F6-E352-4752-B7D3-007FE1CAFE06", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA109ED-BC4D-4F70-81B2-3CE0E2B3D9DA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*", matchCriteriaId: "070C20AB-66F2-4EE2-8134-5E40DBB9B9E6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*", matchCriteriaId: "9CA49CF7-C6BE-4337-A0A8-A603D8955EE9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*", matchCriteriaId: "9C8F7F6B-847A-479D-B6B1-BBA331D06DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*", matchCriteriaId: "4C375A9D-C7CE-49A6-B08D-9CAB22E16D32", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8D06DC-6B8A-4B7B-BB3E-778D432CFEF1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*", matchCriteriaId: "E06531E6-126A-4FBB-BEBB-F9023C4738F1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*", matchCriteriaId: "93B8CDF0-1489-4E4C-B004-A22E06FC10D7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*", matchCriteriaId: "A6ACF161-472E-4088-85C2-5940C9C88D45", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*", matchCriteriaId: "2E0B94F6-EC15-4C12-8BA5-CC6602A7A725", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*", matchCriteriaId: "067C65E5-5392-4DAF-A6BD-640D78C19CE1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*", matchCriteriaId: "A1647DAC-CED6-4DAF-8F82-A42D6D691DF0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*", matchCriteriaId: "D93CC498-F558-4C2F-9E14-7897060CA9FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*", matchCriteriaId: "D609DB7E-AE80-48E0-B7B6-E622B6208ABF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*", matchCriteriaId: "A09C3656-AE49-4F26-BD28-B725E8C40304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*", matchCriteriaId: "90F0D1EF-2FE1-498A-AE38-BF755A680E88", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*", matchCriteriaId: "22243DEF-F01B-4774-AEC1-40D776E1167E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*", matchCriteriaId: "25934425-944F-4B9A-8A16-F1DCBF3D5032", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*", matchCriteriaId: "6A5BC76B-A4FC-4702-A544-889E62F8509E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4E44C3-D29F-4057-AE12-BA19FFFF69E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*", matchCriteriaId: "383DCE68-3882-4274-AA4A-5E030530E4BA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*", matchCriteriaId: "04EC7421-963C-43F7-9450-2E204BAFF1F1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*", matchCriteriaId: "5E3AF74E-C719-4E55-959D-681174FFFB90", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*", matchCriteriaId: "E290F38C-7A86-469D-9E6A-F0EC69DBE23A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*", matchCriteriaId: "6EF77397-85D0-4EC2-9887-2D0D9D253450", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6138p:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9761E8-7978-4141-94B5-EEFE7C00BC9A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*", matchCriteriaId: "A003F1FD-33A0-40B8-B2DC-75B5DB62B2C8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*", matchCriteriaId: "E921DEBA-3063-4639-9823-2FDDD8DEA793", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6142:-:*:*:*:*:*:*:*", matchCriteriaId: "CF44A7C9-834B-49DF-B1B6-B1575473179B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*", matchCriteriaId: "5983B72F-9194-47CB-B444-2ECC6360B686", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*", matchCriteriaId: "09C7CDA3-7C4D-4884-BF36-A8EB2C80C6B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0E40BC-5745-4AB0-B991-61A0C63DB284", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*", matchCriteriaId: "6E207648-E57F-4C43-8FDD-049BF9214664", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*", matchCriteriaId: "39EB131A-87DE-45FB-9025-B02EC28C4304", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*", matchCriteriaId: "5AF30717-CBEF-42F9-AE0D-4F6A1877EA55", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*", matchCriteriaId: "D99D0351-303B-4ABF-A7FD-734176095307", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*", matchCriteriaId: "5B080431-626C-4A7B-AB37-47EE6811A5A0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*", matchCriteriaId: "76D48CFC-1322-4C53-8B53-88E7ACC724BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*", matchCriteriaId: "5F6456D0-32AE-44A9-9F63-AD64B5E49182", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*", matchCriteriaId: "38EA99F9-22C2-47ED-9DDD-928E19C4C51E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*", matchCriteriaId: "9F8867B2-F297-4D30-AD43-77B0F67FAE3E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*", matchCriteriaId: "178345A5-9A38-4C8F-B3BB-430276FA4998", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*", matchCriteriaId: "831A7D63-4638-480C-94CB-ED06613BA75C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*", matchCriteriaId: "178D9E36-79EC-4672-8E46-0FD6597CA1CC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*", matchCriteriaId: "EED0D492-ADAB-41ED-A283-024D3CED441F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*", matchCriteriaId: "2BBB5A97-EA4F-454C-819C-DE1CE7018E7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*", matchCriteriaId: "D9733E69-E7CF-444C-B72C-AC8E5DEF2449", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD24563-9157-4DE1-95ED-D4E3E879219E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*", matchCriteriaId: "F83F8602-6679-4B3C-BBDD-3BDB2B317F70", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*", matchCriteriaId: "3CD3E45C-1943-42BA-9F6D-EA64D67BF954", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF7B4C84-1258-4F2F-B8A3-55353B3D13BA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*", matchCriteriaId: "9B27F755-4C38-4469-8A9D-C9266BDA53ED", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E21977E-7085-46C5-8E89-F952C2EBCE04", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*", matchCriteriaId: "DB72D13B-5880-4CB2-8E80-CB6A39B5A302", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*", matchCriteriaId: "02BCB7D2-4B68-4FF8-BFC9-06C39A708C62", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*", matchCriteriaId: "AAF31FBF-20FB-4B8A-ADE1-E29BB8B8A702", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF7298E-BC07-4C42-8F9C-C3B0CDFC86C2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*", matchCriteriaId: "0C8292CC-DACB-489A-BCB2-73DC2C6F944C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*", matchCriteriaId: "2D83AEDF-2671-4278-8088-BA517192AB3E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*", matchCriteriaId: "BF72F37A-2F28-40E6-A84B-0E1DF63B1812", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*", matchCriteriaId: "E8C1742C-96CC-4BCA-928E-D6B53ED2DB0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAE9CE6-DA95-40B0-AE65-656FA4603D1A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*", matchCriteriaId: "CAD0B5C3-633D-4F2A-8D56-8FA83F1B581C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*", matchCriteriaId: "5241B3E0-F968-4B16-8BF8-191C6F7B224A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*", matchCriteriaId: "5EFB52DD-5B7D-45BA-B249-A134D1B9EBD3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*", matchCriteriaId: "B82FC910-F3AB-42BF-9740-EC09F0AC179D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAE2B11-B0F5-415F-BD6B-E285EF9C9095", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*", matchCriteriaId: "3BA58EFB-7672-4902-ABC1-65217AA617AD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*", matchCriteriaId: "96E2764D-7D6A-4CE0-A628-FFE966A6462F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*", matchCriteriaId: "1D66D18C-17F2-4259-B1D8-7C63797A024C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*", matchCriteriaId: "25C8DFB5-9D8B-4370-849A-DC061910E54F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*", matchCriteriaId: "0B704835-1250-44E1-923C-5DE2F4DD25D0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*", matchCriteriaId: "9236F094-B913-43F2-B703-CE33B9CEBA0F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*", matchCriteriaId: "E45FA170-5BBD-45FC-ABDF-FF0FAE58A50E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*", matchCriteriaId: "345FF353-FE25-41F4-97EC-FF32BE2796EA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*", matchCriteriaId: "68A9AD79-9B4B-4EE8-810B-359901C3540C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*", matchCriteriaId: "BFD4F26B-8589-4BB0-8FC1-9F51E3B477F7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*", matchCriteriaId: "19BF77DA-E159-4336-A552-B22BE437670D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*", matchCriteriaId: "E86CCC45-270E-4760-A7E9-D39C74C00FCF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*", matchCriteriaId: "C105930C-D2BB-4FA1-B5D1-882D90D867C3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*", matchCriteriaId: "45227E88-ACFF-43A5-AF45-C6542A6EF681", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*", matchCriteriaId: "5FA2030D-CEAF-46BF-9669-19EAD541BDB6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*", matchCriteriaId: "1612AE8A-3165-47A3-AEA8-65F4156C48BA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*", matchCriteriaId: "C5168E40-DF2F-4E39-8B5E-9659EBBB99A3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*", matchCriteriaId: "94A6DA7A-7C97-40E1-B31A-B92BB658C429", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*", matchCriteriaId: "54AF128B-9984-4C91-B7F6-968DE376C3BE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*", matchCriteriaId: "28B167F1-63FA-4C86-84AB-836ABF84E6E3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*", matchCriteriaId: "955420F9-3A3F-40E0-9940-DD43C5C78D62", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*", matchCriteriaId: "BC4A437C-6C00-4729-91CC-D27EB3542633", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*", matchCriteriaId: "74ED727D-B1A9-4F4B-92C7-3F00F3A80013", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C24951-B3FA-48E6-AFAC-6CA0D2348230", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*", matchCriteriaId: "185E8FBC-9EE9-472E-867B-0B0DEEECA13E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*", matchCriteriaId: "AB3C00A0-C28A-46EB-853D-DAE3819399D9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*", matchCriteriaId: "0951DB50-AC8E-4C17-A2A9-DD4A198C4DD2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CAB607-87B2-49F4-9FAB-662D5EA3D11C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*", matchCriteriaId: "DBC93757-5FD7-403D-B5ED-CC8793002352", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*", matchCriteriaId: "0A7019D4-58E0-4B73-93B8-D3B0E86BF2D4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*", matchCriteriaId: "6DF8D8C4-29EA-4D09-87AB-A570403BA0E6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*", matchCriteriaId: "89421EC5-52E5-441F-AD3B-5C5E964F836D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*", matchCriteriaId: "2117880B-FDD4-4A90-B29B-6D840D26645D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*", matchCriteriaId: "E8EED1D9-75CC-41E9-9C0C-C648E0717024", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "BDB43A67-9DD7-49E6-BA77-220120C90700", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "0D3413CB-86D3-4684-B651-DBACC0660E76", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*", matchCriteriaId: "FB677676-E793-4158-BF53-3F5ECCECE203", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4114t:-:*:*:*:*:*:*:*", matchCriteriaId: "F32E6092-1AF6-499F-B176-F575E766E8F3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*", matchCriteriaId: "E524AFD4-2D9F-4A4B-82F4-13BCDE99041E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4116t:-:*:*:*:*:*:*:*", matchCriteriaId: "39F309BC-6F31-490C-982B-14F9319276F2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*", matchCriteriaId: "FA909754-B60A-4B30-AF42-4C8734E155AF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*", matchCriteriaId: "EBEFB056-0872-434B-9630-28A1AAEAD470", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*", matchCriteriaId: "21A62CB9-FB01-45CB-9E10-E72D87C0E1F1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*", matchCriteriaId: "CD8EBFCC-AD76-4285-93BD-D14219C6EA5D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*", matchCriteriaId: "7FF7E334-6DC7-44B5-A102-649A68300C80", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*", matchCriteriaId: "E1B4F7FE-61A3-417A-BAA9-E686A76F3A94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*", matchCriteriaId: "9DE4C87E-CB23-4804-9BBD-2533C5E1D6D4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*", matchCriteriaId: "7305838B-84CA-4BB8-A350-B2D2844F1041", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*", matchCriteriaId: "D356D196-8AB0-4387-A644-C5E68174A60C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*", matchCriteriaId: "89587A92-6234-40C3-83DB-F72319FFBC79", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*", matchCriteriaId: "4F50C03E-CBEB-4738-BDF4-DC296CE9DFA7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*", matchCriteriaId: "E50CC669-9555-45E9-A43B-05A21FB040E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*", matchCriteriaId: "ADA1FA19-A836-4D6A-8C2D-718ECE6866D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*", matchCriteriaId: "3ECEBDB0-2E0A-416B-9737-82C1FC65A06C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*", matchCriteriaId: "C39B6A99-7060-4011-8FA3-E5ABE5C02813", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*", matchCriteriaId: "DF9E723E-1095-424E-A90D-380CA0D2795E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*", matchCriteriaId: "35380FB9-90FF-405F-8E2E-01C1DD209540", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*", matchCriteriaId: "2215D655-0EA9-4530-AB68-7B1C7360D692", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*", matchCriteriaId: "020B6FED-EAE2-478C-8FF4-CB75F24E9A9D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*", matchCriteriaId: "AE519C62-F5BB-461C-91EF-2979CD506C63", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*", matchCriteriaId: "F693457C-3529-4E62-A672-1B862F235D0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC397B31-665E-4269-8EBB-D6587EA96DCF", versionEndExcluding: "4.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*", matchCriteriaId: "652EC574-B9B6-4747-AE72-39D1379A596B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*", matchCriteriaId: "522A9A57-B8D8-4C61-92E3-BE894A765C12", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*", matchCriteriaId: "A588BEB3-90B5-482E-B6C4-DC6529B0B4C4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*", matchCriteriaId: "826BAF04-E174-483D-8700-7FA1EAC4D555", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*", matchCriteriaId: "C8771AB4-2F51-494D-8C86-3524BB4219C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*", matchCriteriaId: "6D7E822D-994F-410D-B13C-939449FFC293", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5576F2-4914-427C-9518-ED7D16630CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*", matchCriteriaId: "3ABB7C52-863F-4291-A05B-422EE9615FAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*", matchCriteriaId: "B54D15DF-53EA-4611-932A-EDB8279F582A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*", matchCriteriaId: "BE7B5E21-2796-4578-998F-B03E26277DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*", matchCriteriaId: "77D279BF-5561-4B83-B05C-77597339ECB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*", matchCriteriaId: "96D6F5D3-3559-47AD-8201-C9D34417DC09", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*", matchCriteriaId: "AA455AC5-8434-4B59-BE89-E82CDACD2AEC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*", matchCriteriaId: "B6585755-C56C-4910-A7D5-B2153396AC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*", matchCriteriaId: "9A944A8C-462E-4FF9-8AD6-1687297DD0DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*", matchCriteriaId: "5378FE6C-251A-4BCD-B151-EA42B594DC37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*", matchCriteriaId: "EC903FA4-2C4E-4EBB-8BFA-579844B87354", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*", matchCriteriaId: "667F2E6C-C2FD-4E4B-9CC4-2EF33A74F61B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC1B37EB-660D-431E-B852-AE4392186C4B", versionEndExcluding: "3.1.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*", matchCriteriaId: "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*", matchCriteriaId: "A2394E8C-58D9-480B-87A7-A41CD7697FC6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*", matchCriteriaId: "1B9AC02B-D3AE-4FAF-836E-55515186A462", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*", matchCriteriaId: "B949F28E-5C73-4222-973E-DC39325E9268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*", matchCriteriaId: "132E32FD-4A52-43AF-9C0A-75F299B4C93F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*", matchCriteriaId: "7087FCA7-6D5C-45A5-B380-533915BC608A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*", matchCriteriaId: "85683891-11D4-47B1-834B-5E0380351E78", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*", matchCriteriaId: "DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*", matchCriteriaId: "03D778C7-F242-4A6A-9B62-A7C578D985FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*", matchCriteriaId: "B57F4250-80C8-4612-97F6-2702D3F7DF25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*", matchCriteriaId: "7AA180B4-0EB8-4884-A600-BFAEB64A0A58", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*", matchCriteriaId: "27D79952-8946-488A-8BD8-6129D97A8E34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*", matchCriteriaId: "6B17905A-95E2-4E60-8A0F-AA8ABAF9D523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*", matchCriteriaId: "752081F5-AE8D-4004-B564-863840AC52E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*", matchCriteriaId: "5375A75A-85AA-4119-9F6C-1AD9D2550F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*", matchCriteriaId: "F5884F21-BAB5-4A45-8C72-C90D07BAECA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*", matchCriteriaId: "EC2A2AC5-FA56-49F0-BA00-E96B10FEF889", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*", matchCriteriaId: "B8FF7ADD-9E27-4A23-9714-5B76132C20BC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3520:-:*:*:*:*:*:*:*", matchCriteriaId: "F784ABD5-3B08-4D87-9AAD-B68C1B5CC667", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CBEDA58C-BD03-4D92-9136-4BB668619D28", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*", matchCriteriaId: "B6585755-C56C-4910-A7D5-B2153396AC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*", matchCriteriaId: "9A944A8C-462E-4FF9-8AD6-1687297DD0DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*", matchCriteriaId: "5378FE6C-251A-4BCD-B151-EA42B594DC37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Un control de acceso inadecuado en el instalador del software Intel(R) CSME anterior a la versión 2239.3.7.0 puede permitir que un usuario autenticado habilite potencialmente una escalada de privilegios mediante acceso local.", }, ], id: "CVE-2022-29871", lastModified: "2024-11-21T06:59:51.653", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-11T03:15:12.350", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "secure@intel.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.", }, { lang: "es", value: "Desbordamiento de búfer en un componente del sistema operativo de Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario privilegiado pueda ejecutar código arbitrario mediante acceso físico.", }, ], id: "CVE-2018-12199", lastModified: "2024-11-21T03:44:44.273", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.3, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.600", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "667510F9-E5BA-48EB-8525-F11B2148634B", versionEndExcluding: "4.00.04.383", versionStartIncluding: "4.00.04.367", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A04EBC6A-F5B0-428B-9094-C9BE3D2F2E42", versionEndExcluding: "4.01.02.174", versionStartIncluding: "4.01.00.152.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, { lang: "es", value: "La comprobación de límites en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en versiones anteriores a la 4.00.04.383 o SPS 4.01.02.174; o Intel(R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario no autenticado pueda ejecutar código arbitrario mediante acceso físico.", }, ], id: "CVE-2018-12191", lastModified: "2024-11-21T03:44:43.640", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.460", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el software de actualización de firmware para Intel® CSME versiones anteriores a 12.0.45,13.0.10 y 14.0.10, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11103", lastModified: "2024-11-21T04:20:32.547", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.643", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:undefined", matchCriteriaId: "7A86A849-7161-4EA0-B1CF-4E74A55D2E67", versionEndExcluding: "12.0.64", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51B0E191-66BD-49B1-B745-F63006AD2A6F", versionEndExcluding: "13.0.32", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "004EE62A-979B-4D9B-928D-B2558CE79B4E", versionEndExcluding: "14.0.33", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:14.5.11:*:*:*:*:*:*:*", matchCriteriaId: "9FB809FC-A7A5-4513-AD89-BB32DCAEF8FF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una escritura fuera de límites en el subsistema para Intel® CSME versiones anteriores a 12.0.64, 13.0.32, 14.0.33 y 14.5.12, puede permitir a un usuario privilegiado habilitar una escalada de privilegios por medio de un acceso local", }, ], id: "CVE-2020-0541", lastModified: "2024-11-21T04:53:42.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:11.080", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "503E551C-FC5F-4ABC-8DEA-E360701F0B33", versionEndExcluding: "22.01.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", matchCriteriaId: "506DEE00-30D2-4E29-9645-757EB8778C0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F546AF-8F80-4E0A-9B92-86E3A1F931C0", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", matchCriteriaId: "A40D0CDB-7BE6-491F-B730-3B4E10CA159A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5B6E6B-16A0-4236-AABE-82385B53EC78", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", matchCriteriaId: "FDF9D4C3-1892-48FA-95B4-835B636A4005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D476D093-4A97-499C-B40D-7A301BC9AA2E", versionEndExcluding: "r1.30.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A757F1-E478-4A3D-8D5F-C996E176A11A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "30F129DB-51AC-4F40-A0D1-AB5CF90D9C2D", versionEndExcluding: "r1.23.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB339B5-602F-4AB5-9998-465FDC6ABD6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "790D244A-AC3D-4BBC-9139-A90048FD375A", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*", matchCriteriaId: "509AD120-3465-4C00-AAB3-B6F6ED708B51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C046182-BB33-41D0-B041-1566B8041917", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*", matchCriteriaId: "D0EF28FB-BAB3-4710-9D25-25F67ACADC60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE74300-E061-452E-AD1D-6DD7C2C62729", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*", matchCriteriaId: "057D9947-CE4A-4B4C-B721-4B29FB71350C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE4A7C13-6F81-4629-9C28-9202028634AE", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*", matchCriteriaId: "E6D87239-40C1-4038-B734-D77AC4DDD571", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93485235-481B-4BAF-BB7A-81BB5AA1BC53", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*", matchCriteriaId: "D8F37D88-E086-4060-8420-BD0F8D8FF580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD949046-46E5-48C9-883B-92F04926E8BC", versionEndExcluding: "23.01.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", matchCriteriaId: "187C6D51-5B86-484D-AE0F-26D1C9465580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23AFAB4-B286-4FD6-ABC3-86B2881E271C", versionEndExcluding: "12.0.5", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5FAD938-027A-406F-9E7C-1BFD992839F4", versionEndExcluding: "12.0.5", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63591E72-6038-4417-BA10-54180507AF0F", versionEndExcluding: "11.0", versionStartIncluding: "9.0.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.", }, { lang: "es", value: "Múltiples desbordamientos de búfer en Intel AMT en el firmware Intel CSME en versiones anteriores a la 12.0.5 podrían permitir que un usuario privilegiado ejecute código arbitrario con privilegios de ejecución AMT mediante acceso local.", }, ], id: "CVE-2018-3657", lastModified: "2024-11-21T04:05:50.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:02.840", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-17 16:29
Modified
2024-11-21 04:16
Severity ?
Summary
Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5AC5359-A860-4A50-AA82-D811EBFE4AE4", versionEndExcluding: "12.0.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.", }, { lang: "es", value: "El desbordamiento de búfer en el subsistema en Intel (R) CSME versión 12.0.0 hasta 12.0.34, puede permitir que un usuario no identificado habilite potencialmente la escalada de privilegios por medio del acceso a la red.", }, ], id: "CVE-2019-0153", lastModified: "2024-11-21T04:16:21.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-17T16:29:02.093", references: [ { source: "secure@intel.com", url: "https://support.f5.com/csp/article/K71265658", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K71265658", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 y 14.0.10; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario privilegiado habilitar una escalada de privilegios, una divulgación de información o una denegación de servicio por medio de un acceso local.", }, ], id: "CVE-2019-11087", lastModified: "2024-11-21T04:20:30.787", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.113", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-13 19:15
Modified
2024-11-21 04:27
Severity ?
Summary
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:-:*:*:*", matchCriteriaId: "59894D4C-BA84-4776-93C6-D0525DAE24F9", versionEndExcluding: "12.0.48", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:iot:*:*:*", matchCriteriaId: "F9D6467C-197D-4877-892F-620E97F58F65", versionEndExcluding: "12.0.56", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:-:*:*:*", matchCriteriaId: "A4DB8A03-B194-4B17-8945-8C6E7DEC37BB", versionEndExcluding: "13.0.20", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:-:*:*:*", matchCriteriaId: "1F74B4CF-4F79-46A4-9A62-B3A12C690CAB", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, { lang: "es", value: "Se presenta una Autenticación Inapropiada en subsystem en Intel® CSME versiones 12.0 hasta 12.0.48 (solo IOT: versión 12.0.56), versiones 13.0 hasta 13.0.20, versiones 14.0 hasta 14.0.10, pueden habilitar a un usuario privilegiado para permitir potencialmente una escalada de privilegios, denegación de servicio o divulgación de información por medio de un acceso local.", }, ], id: "CVE-2019-14598", lastModified: "2024-11-21T04:27:00.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-13T19:15:13.130", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0005/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 y 14.0.10; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario privilegiado habilitar una divulgación de información por medio de un acceso local.", }, ], id: "CVE-2019-11101", lastModified: "2024-11-21T04:20:32.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.487", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DC5E648-8DD3-4313-BE9D-2CE595F40D91", versionEndIncluding: "11.8.50", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A4E3031-2AB8-4CA2-9D85-55FE1F8BF7CC", versionEndIncluding: "11.11.50", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7781499E-1729-4890-901E-0A2B7EACF949", versionEndIncluding: "11.21.51", versionStartIncluding: "11.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9BE1C00-6AAB-4402-98B8-8D68DFF1358E", versionEndExcluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8337C6A0-41B7-417D-BD0C-B65ACD99C5FF", versionEndIncluding: "3.1.50", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.", }, { lang: "es", value: "Una vulnerabilidad en un subsistema en Intel CSME en versiones anteriores a la 11.21.55, Intel Server Platform Services en versiones anteriores a la 4.0 y el firmware Intel Trusted Execution Engine en versiones anteriores a la 3.1.55 podría permitir que un usuario no autenticado modifique o divulgue información mediante acceso físico.", }, ], id: "CVE-2018-3655", lastModified: "2024-11-21T04:05:50.727", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.8, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:02.683", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7202A001-9A4F-4E3D-8B61-9DB27638A7AD", versionEndExcluding: "5.00.04.012", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, { lang: "es", value: "Desbordamiento de búfer en el subsistema HECI de Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel (R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10; o Intel(R) Server Platform Services en versiones anteriores a la 5.00.04.012 podría permitir que un usuario no autenticado pueda ejecutar código arbitrario mediante acceso físico.", }, ], id: "CVE-2018-12208", lastModified: "2024-11-21T03:44:46.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.850", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:undefined", matchCriteriaId: "7A86A849-7161-4EA0-B1CF-4E74A55D2E67", versionEndExcluding: "12.0.64", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51B0E191-66BD-49B1-B745-F63006AD2A6F", versionEndExcluding: "13.0.32", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "004EE62A-979B-4D9B-928D-B2558CE79B4E", versionEndExcluding: "14.0.33", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:14.5.11:*:*:*:*:*:*:*", matchCriteriaId: "9FB809FC-A7A5-4513-AD89-BB32DCAEF8FF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.", }, { lang: "es", value: "Una comprobación de entrada inapropiada en el subsistema DAL para Intel® CSME versiones anteriores a 12.0.64, 13.0.32, 14.0.33 y 14.5.12, puede permitir a un usuario no autenticado habilitar potencialmente una denegación de servicio por medio de un acceso de red", }, ], id: "CVE-2020-0534", lastModified: "2024-11-21T04:53:41.380", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:10.643", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:intel-sa-00125_detection_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "71BA4A86-56CA-4FFA-BDB7-7B646A411C6B", versionEndIncluding: "1.0.45.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:sa-00086_detection_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "654F9980-064B-49D8-B2EB-CD753034D6D5", versionEndIncluding: "1.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5368827D-6DB4-427A-BD04-D1CDEF65265B", versionEndExcluding: "13.0.0", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Un control de acceso insuficiente en el controlador de abstracción de hardware para el software MEInfo para Intel(R) CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; software TXEInfo para Intel(R) TXE versiones anteriores a 3.1.70 y 4.0.20; INTEL-SA-00086 Detection Tool versión 1.2.7.0 o anterior; INTEL-SA-00125 Detection Tool versión 1.0.45.0 o anterior, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11147", lastModified: "2024-11-21T04:20:37.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:13.457", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CA2E306-9AEC-4767-9738-3EF0B833F896", versionEndExcluding: "11.8.77", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "299E26BE-7DB3-4D58-9C86-7634ACA11324", versionEndExcluding: "11.12.77", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62CE07C-7068-4FE3-9268-0A551D397597", versionEndExcluding: "11.22.77", versionStartIncluding: "11.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", matchCriteriaId: "2C055725-BF29-4702-8C8C-733329AFAC28", versionEndExcluding: "sps_e3_04.01.04.109.0", versionStartIncluding: "sps_e3_04.00.00.000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", matchCriteriaId: "2EC1103F-2B88-40E8-A8F9-5CD361F3F552", versionEndExcluding: "sps_e3_04.08.04.070.0", versionStartIncluding: "sps_e3_04.08.00.000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", matchCriteriaId: "D75D3E33-AD66-4357-A17F-90BA37833D6C", versionEndExcluding: "sps_e5_04.01.04.380.0", versionStartIncluding: "sps_e5_04.00.00.000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF0EC03-EF67-4E17-86DF-B835C5E3A778", versionEndExcluding: "sps_soc-a_04.00.04.211.0", versionStartIncluding: "sps_soc-a_04.00.00.000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*", matchCriteriaId: "050BAFF0-7672-48B9-A59F-0940BAB2DA1A", versionEndExcluding: "sps_soc-x_04.00.04.128.0", versionStartIncluding: "sps_soc-x_04.00.00.000.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "19F4B1CA-2021-42DA-9573-F89C780EF37A", versionEndExcluding: "3.1.75", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "DDB76164-AB77-4D87-87BA-63472E1CAFA8", versionEndExcluding: "4.0.25", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.", }, { lang: "es", value: "Un Desbordamiento de enteros en el subsistema para Intel® CSME versiones anteriores a 11.8.77, 11.12.77, 11.22.77 e Intel® TXE versiones anteriores a 3.1.75, 4.0.25 e Intel® Server Platform Services (SPS) versiones anteriores a SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0, puede permitir a un usuario privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local", }, ], id: "CVE-2020-0545", lastModified: "2024-11-21T04:53:42.817", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:11.267", references: [ { source: "secure@intel.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", }, { source: "secure@intel.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", }, { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | * | |
| intel | server_platform_services_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F57BC123-252D-44BB-AAF0-E90E1B348ED1", versionEndExcluding: "12.0.6", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C326802-35F4-4B91-8BE3-93A3F5C0BC5A", versionEndExcluding: "4.00.04", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.", }, { lang: "es", value: "Una vulnerabilidad en el firmware Power Management Controller en sistemas que emplean un CSME (Intel® Converged Security and Management Engine) específico en versiones anteriores a la 11.8.55, 11.11.55, 11.21.55 y la 12.0.6 o firmware Intel® Server Platform Services en versiones anteriores a la 4.x.04 podría permitir que un atacante con privilegios administrativos descubra ciertos secretos de la plataforma mediante acceso local o que pueda ejecutar código arbitrario.", }, ], id: "CVE-2018-3643", lastModified: "2024-11-21T04:05:49.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:02.557", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0002/", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23AFAB4-B286-4FD6-ABC3-86B2881E271C", versionEndExcluding: "12.0.5", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5FAD938-027A-406F-9E7C-1BFD992839F4", versionEndExcluding: "12.0.5", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63591E72-6038-4417-BA10-54180507AF0F", versionEndExcluding: "11.0", versionStartIncluding: "9.0.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "503E551C-FC5F-4ABC-8DEA-E360701F0B33", versionEndExcluding: "22.01.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", matchCriteriaId: "506DEE00-30D2-4E29-9645-757EB8778C0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F546AF-8F80-4E0A-9B92-86E3A1F931C0", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", matchCriteriaId: "A40D0CDB-7BE6-491F-B730-3B4E10CA159A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5B6E6B-16A0-4236-AABE-82385B53EC78", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", matchCriteriaId: "FDF9D4C3-1892-48FA-95B4-835B636A4005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D476D093-4A97-499C-B40D-7A301BC9AA2E", versionEndExcluding: "r1.30.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A757F1-E478-4A3D-8D5F-C996E176A11A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "30F129DB-51AC-4F40-A0D1-AB5CF90D9C2D", versionEndExcluding: "r1.23.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB339B5-602F-4AB5-9998-465FDC6ABD6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "790D244A-AC3D-4BBC-9139-A90048FD375A", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*", matchCriteriaId: "509AD120-3465-4C00-AAB3-B6F6ED708B51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C046182-BB33-41D0-B041-1566B8041917", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*", matchCriteriaId: "D0EF28FB-BAB3-4710-9D25-25F67ACADC60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE74300-E061-452E-AD1D-6DD7C2C62729", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*", matchCriteriaId: "057D9947-CE4A-4B4C-B721-4B29FB71350C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE4A7C13-6F81-4629-9C28-9202028634AE", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*", matchCriteriaId: "E6D87239-40C1-4038-B734-D77AC4DDD571", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93485235-481B-4BAF-BB7A-81BB5AA1BC53", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*", matchCriteriaId: "D8F37D88-E086-4060-8420-BD0F8D8FF580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD949046-46E5-48C9-883B-92F04926E8BC", versionEndExcluding: "23.01.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", matchCriteriaId: "187C6D51-5B86-484D-AE0F-26D1C9465580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.", }, { lang: "es", value: "Vulnerabilidad de canal lateral estilo Bleichenbacher en la implementación TLS en Intel Active Management Technology en versiones anteriores a la 12.0.5 podría permitir que un usuario sin autenticar obtenga la clave de sesión TLS por red.", }, ], id: "CVE-2018-3616", lastModified: "2024-11-21T04:05:46.667", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:02.403", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | * | |
| intel | trusted_execution_engine_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA360B3E-90A5-4F3A-A89B-A41BDFEBD4ED", versionEndExcluding: "12.0.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D002CA65-494F-432A-A653-F6F502F6D6C6", versionEndExcluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.", }, { lang: "es", value: "Una vulnerabilidad en el módulo Intel PTT en el firmware Intel CSME en versiones anteriores a la 12.0.5 y el firmware Intel TXE en versiones anteriores a la 4.0 podría permitir que un usuario no autenticado divulgue información mediante acceso físico.", }, ], id: "CVE-2018-3659", lastModified: "2024-11-21T04:05:51.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:03.107", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CA2E306-9AEC-4767-9738-3EF0B833F896", versionEndExcluding: "11.8.77", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "299E26BE-7DB3-4D58-9C86-7634ACA11324", versionEndExcluding: "11.12.77", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62CE07C-7068-4FE3-9268-0A551D397597", versionEndExcluding: "11.22.77", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:undefined", matchCriteriaId: "7A86A849-7161-4EA0-B1CF-4E74A55D2E67", versionEndExcluding: "12.0.64", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51B0E191-66BD-49B1-B745-F63006AD2A6F", versionEndExcluding: "13.0.32", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "004EE62A-979B-4D9B-928D-B2558CE79B4E", versionEndExcluding: "14.0.33", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2ADFD0F7-45EE-4639-AB9D-CA36F7F18181", versionEndExcluding: "3.1.75", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D84402A-0018-4632-984C-78F4D85609C3", versionEndExcluding: "4.0.25", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.", }, { lang: "es", value: "Una comprobación de entrada inapropiada en el subsistema DAL para Intel® CSME versiones anteriores a 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 e Intel® TXE versiones anteriores a 3.1.75 y 4.0.25, puede permitir a un usuario no autenticado habilitar potencialmente una divulgación de información por medio de un acceso de red", }, ], id: "CVE-2020-0536", lastModified: "2024-11-21T04:53:41.603", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:10.783", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el software MEInfo para Intel® CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 y 14.0.10; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11104", lastModified: "2024-11-21T04:20:32.660", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.723", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.", }, { lang: "es", value: "Una validación de entrada insuficiente en el subsistema Intel(r) CSME en las versiones anteriores a la 11.8.60, 11.11.60, 11.22.60 o 12.0.20 o Intel(r) TXE en las versiones anteriores a la 3.1.60 o 4.0.10 puede permitir a un usuario con privilegios una escalada de privilegios a través del acceso local.", }, ], id: "CVE-2018-12190", lastModified: "2024-11-21T03:44:43.530", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.427", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una omisión de autenticación en el subsistema para Intel(R) CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 y 14.0.10; Intel(R) TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario privilegiado habilitar una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11110", lastModified: "2024-11-21T04:20:33.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:13.190", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CA2E306-9AEC-4767-9738-3EF0B833F896", versionEndExcluding: "11.8.77", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "299E26BE-7DB3-4D58-9C86-7634ACA11324", versionEndExcluding: "11.12.77", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62CE07C-7068-4FE3-9268-0A551D397597", versionEndExcluding: "11.22.77", versionStartIncluding: "11.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, { lang: "es", value: "Un hash unidireccional reversible en Intel® CSME versiones anteriores a 11.8.76, 11.12.77 y 11.22.77, puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios, una denegación de servicio o una divulgación de información por medio de un acceso local", }, ], id: "CVE-2020-0533", lastModified: "2024-11-21T04:53:41.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:10.237", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-326", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una comprobación de sesión insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.70, 12.0.45, 13.0.10 y 14.0.10; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario privilegiado habilitar una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11106", lastModified: "2024-11-21T04:20:32.913", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:12.863", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2525BE7F-C701-4A68-82DE-7B9E5C559F98", versionEndExcluding: "sps_e5_04.00.04.393.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.", }, { lang: "es", value: "Un error de lógica en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que un usuario no autenticado pueda omitir la autenticación MEBx mediante acceso físico.", }, ], id: "CVE-2018-12192", lastModified: "2024-11-21T03:44:43.777", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.490", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:16
Severity ?
Summary
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BEC9F8B-3830-4657-874A-521BB9D312F2", versionEndExcluding: "11.11.70", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58765D34-F8CD-48A2-BA46-F234C2A30B57", versionEndExcluding: "11.22.70", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.", }, { lang: "es", value: "Un desbordamiento de la pila en el subsistema para Intel® CSME versiones anteriores a 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios, una divulgación de información o una denegación de servicio por medio de un acceso adyacente.", }, ], id: "CVE-2019-0169", lastModified: "2024-11-21T04:16:23.887", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:11.940", references: [ { source: "secure@intel.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | * | |
| intel | converged_security_management_engine_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el subsistema para Intel(R) CSME versiones anteriores a 12.0.45 y 13.0.10, puede permitir a un usuario privilegiado habilitar una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-11108", lastModified: "2024-11-21T04:20:33.127", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:13.050", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.", }, { lang: "es", value: "Validación de entradas insuficiente en Intel(R) AMT en Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20, podría permitir que un usuario privilegiado pueda ejecutar código arbitrario mediante acceso local.", }, ], id: "CVE-2018-12196", lastModified: "2024-11-21T03:44:44.037", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.537", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-12 19:29
Modified
2024-11-21 04:05
Severity ?
Summary
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "503E551C-FC5F-4ABC-8DEA-E360701F0B33", versionEndExcluding: "22.01.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*", matchCriteriaId: "506DEE00-30D2-4E29-9645-757EB8778C0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F546AF-8F80-4E0A-9B92-86E3A1F931C0", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*", matchCriteriaId: "A40D0CDB-7BE6-491F-B730-3B4E10CA159A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B5B6E6B-16A0-4236-AABE-82385B53EC78", versionEndExcluding: "21.01.09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*", matchCriteriaId: "FDF9D4C3-1892-48FA-95B4-835B636A4005", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D476D093-4A97-499C-B40D-7A301BC9AA2E", versionEndExcluding: "r1.30.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A757F1-E478-4A3D-8D5F-C996E176A11A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "30F129DB-51AC-4F40-A0D1-AB5CF90D9C2D", versionEndExcluding: "r1.23.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*", matchCriteriaId: "9EB339B5-602F-4AB5-9998-465FDC6ABD6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "790D244A-AC3D-4BBC-9139-A90048FD375A", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*", matchCriteriaId: "509AD120-3465-4C00-AAB3-B6F6ED708B51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C046182-BB33-41D0-B041-1566B8041917", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*", matchCriteriaId: "D0EF28FB-BAB3-4710-9D25-25F67ACADC60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE74300-E061-452E-AD1D-6DD7C2C62729", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*", matchCriteriaId: "057D9947-CE4A-4B4C-B721-4B29FB71350C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE4A7C13-6F81-4629-9C28-9202028634AE", versionEndExcluding: "19.02.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*", matchCriteriaId: "E6D87239-40C1-4038-B734-D77AC4DDD571", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93485235-481B-4BAF-BB7A-81BB5AA1BC53", versionEndExcluding: "19.01.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*", matchCriteriaId: "D8F37D88-E086-4060-8420-BD0F8D8FF580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD949046-46E5-48C9-883B-92F04926E8BC", versionEndExcluding: "23.01.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*", matchCriteriaId: "187C6D51-5B86-484D-AE0F-26D1C9465580", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23AFAB4-B286-4FD6-ABC3-86B2881E271C", versionEndExcluding: "12.0.5", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5FAD938-027A-406F-9E7C-1BFD992839F4", versionEndExcluding: "12.0.5", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63591E72-6038-4417-BA10-54180507AF0F", versionEndExcluding: "11.0", versionStartIncluding: "9.0.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.", }, { lang: "es", value: "Múltiples desbordamientos de búfer en Intel AMT en el firmware Intel CSME en versiones anteriores a la 12.0.5 podrían permitir que un usuario no autenticado con Intel AMT provisionado provoque una denegación de servicio (DoS) parcial mediante acceso de red.", }, ], id: "CVE-2018-3658", lastModified: "2024-11-21T04:05:51.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-12T19:29:02.967", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "secure@intel.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:12
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11BC4447-C51A-4FE3-9961-44C003DD5E87", versionEndExcluding: "11.12.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:c232:-:*:*:*:*:*:*:*", matchCriteriaId: "4C3CC679-8CEE-41F9-8DD0-4B5B02D7BBF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c236:-:*:*:*:*:*:*:*", matchCriteriaId: "8D02651A-0F34-476D-B049-72C872464FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c420:-:*:*:*:*:*:*:*", matchCriteriaId: "69ECA4C4-3A03-4C07-9461-63C84221CD80", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c422:-:*:*:*:*:*:*:*", matchCriteriaId: "095F8957-9499-475C-8D68-A07A1140A4DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm236:-:*:*:*:*:*:*:*", matchCriteriaId: "BAA5A85C-17B0-490F-853F-3451D2406F47", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm238:-:*:*:*:*:*:*:*", matchCriteriaId: "E1CA8160-27AD-4390-AF99-82CF31DDE94F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:*", matchCriteriaId: "E20F674C-6522-42E4-85D9-B4C39A882D20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "136B04D8-2CB6-47B0-9D6E-891DF57DA35B", versionEndExcluding: "11.8.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b150:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A62BA8-3AE3-4339-97D3-4768A122C71C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b250:-:*:*:*:*:*:*:*", matchCriteriaId: "6A2CDBC2-2B45-4E22-845A-EB8415D4C56D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84789A-B7F4-493E-A3F6-D5287ACFEB98", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*", matchCriteriaId: "4A504EF6-8F7D-4839-B16D-FDCBD3B22287", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*", matchCriteriaId: "47B28199-5B9A-4AC4-9529-77A6FC591DC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*", matchCriteriaId: "33B0B0C9-54ED-4D7E-B0F2-C87690056800", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*", matchCriteriaId: "E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*", matchCriteriaId: "6287BCB7-8EFD-485E-B40E-AE6B9DB067DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*", matchCriteriaId: "25227F52-7398-4E68-A973-B9177886BE0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D78093B-076C-48FB-A224-F94F5743ACF3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*", matchCriteriaId: "B230FB82-C498-4118-97D3-3835CB713E87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DCD6D7-7FF2-419B-A41C-CF1FA830F289", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*", matchCriteriaId: "B8127E47-6082-4313-B310-1C6278471A21", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*", matchCriteriaId: "C14BA084-59CC-40E8-A62F-7AD1C9DD9283", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*", matchCriteriaId: "2AC12E92-33CB-4603-AC14-3351CE1D4E3A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*", matchCriteriaId: "6E62309E-1071-4569-8C9A-11748D629CAB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*", matchCriteriaId: "2DDA599F-09D5-4351-B7F5-351A2E04E091", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*", matchCriteriaId: "A205DBD9-A841-446A-8ED8-57989B806518", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D473E4-5EB1-434D-9D8F-C9365988EEAD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8260u:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEF82DB-59F7-4530-B3CC-3D417CD519B3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E166F-3D9F-4D0D-924A-147883598EA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*", matchCriteriaId: "70D9D4EE-A6CA-4C9F-905F-27570858B5FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*", matchCriteriaId: "73DA1253-1652-417A-BE27-586EF8ED59F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*", matchCriteriaId: "8BD64BB5-CBC1-4862-BEE6-04FC53017976", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D55B9D-4BAB-4082-A33F-626E15229333", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*", matchCriteriaId: "71294A32-F3DD-45EA-A0FC-C3EA0351FA29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*", matchCriteriaId: "4E920376-561D-4892-97A2-F4400223B3CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*", matchCriteriaId: "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*", matchCriteriaId: "790A7B55-AD96-4B1C-A31A-C6778BFD5CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*", matchCriteriaId: "9D350A92-3992-4464-84AB-960ABCA45698", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*", matchCriteriaId: "43DA2F8C-1C05-4447-A861-A33E81050F37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*", matchCriteriaId: "4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*", matchCriteriaId: "AA341190-21EC-46FB-849D-F54AD3DFCF93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*", matchCriteriaId: "908629C1-FD27-4247-A33E-4F5E57DFF918", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*", matchCriteriaId: "7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*", matchCriteriaId: "C2AF0758-7F39-40C0-A174-4805AADACE14", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*", matchCriteriaId: "D99484C0-1349-47EC-AFEB-5F7F281A514E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*", matchCriteriaId: "CF02D685-1E67-40E1-A858-000498D5D877", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F74885-92EE-4F36-B4E1-5F1F8AD65F88", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*", matchCriteriaId: "0EDCD661-394A-431F-84C2-0252ABD6F1B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*", matchCriteriaId: "0304CBDA-AF3E-4F32-BF45-FD2199D1E025", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*", matchCriteriaId: "957F3AC9-D071-4932-B2C9-1643FB78BC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*", matchCriteriaId: "1395788D-E23B-433A-B111-745C55018C68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*", matchCriteriaId: "05EA3461-021B-42CD-B4BD-4D2E8703DB93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*", matchCriteriaId: "CB6774C8-431B-42AC-8955-02B529222372", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*", matchCriteriaId: "F41025AC-6EFE-4562-B1D1-BAB004875B06", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC1ED81E-3D62-47FB-8FD4-B2732525C33C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC82E058-25FE-4B6C-BA3C-AB043CFAB113", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*", matchCriteriaId: "34DD3CCB-91D5-48D6-80BC-CA643385BCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*", matchCriteriaId: "41EB643A-7C3B-4017-A12C-FB48A4F6D9EF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*", matchCriteriaId: "04076FFA-D74F-4501-9921-D8EBDF97CD20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4440FC7-F90C-44E0-B7FB-C88BC95EAB77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*", matchCriteriaId: "B8846D3C-39C6-48BE-9643-ACC479416257", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*", matchCriteriaId: "07279DDB-B07D-4224-AA1C-24B4F3D63BB8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*", matchCriteriaId: "D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*", matchCriteriaId: "F423BBE6-327A-40DC-8BCE-BF43600A68D5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*", matchCriteriaId: "08718840-D468-4E86-8FFF-A2B1841E6BF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*", matchCriteriaId: "C9B77426-B579-43C6-9340-F291138ECD7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*", matchCriteriaId: "DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE776B91-9E25-48F5-A4F0-EB36B704AEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*", matchCriteriaId: "469D79CD-B627-4ACF-ABC7-0EAE5D41A005", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*", matchCriteriaId: "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h110:-:*:*:*:*:*:*:*", matchCriteriaId: "09271283-1681-4EB4-8BD3-DE01674D4D19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h170:-:*:*:*:*:*:*:*", matchCriteriaId: "1B23A6C6-89CF-42CA-A3D0-E17EB8104BBE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h270:-:*:*:*:*:*:*:*", matchCriteriaId: "2715B64C-204D-4243-944E-434FDA366AA9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm170:-:*:*:*:*:*:*:*", matchCriteriaId: "B6CEAEB8-C0DD-4886-8EBB-D244A87338C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm175:-:*:*:*:*:*:*:*", matchCriteriaId: "CDA12EE0-6877-431B-8CC9-9C7576444E64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q150:-:*:*:*:*:*:*:*", matchCriteriaId: "73A05885-8AFD-4FFA-BE18-9CE24A1427B8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q170:-:*:*:*:*:*:*:*", matchCriteriaId: "B7BB0694-7F15-4784-97AA-9E9783B3702C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q250:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E4C9D1-C1E8-43E1-88B8-76637A991EB1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q270:-:*:*:*:*:*:*:*", matchCriteriaId: "64E68EB4-7634-42AB-8DCD-8C87C86F78E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm170:-:*:*:*:*:*:*:*", matchCriteriaId: "49495821-5D75-49F0-B2BB-2F73441731D1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm175:-:*:*:*:*:*:*:*", matchCriteriaId: "634DFA37-FE38-423B-92FA-01AAB0B389E3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:*", matchCriteriaId: "E20F674C-6522-42E4-85D9-B4C39A882D20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z170:-:*:*:*:*:*:*:*", matchCriteriaId: "C6E0469E-FFC6-46BF-BB03-34326D1DBE19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z270:-:*:*:*:*:*:*:*", matchCriteriaId: "955612CC-223F-47C0-9D75-D71A39E61A3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D35636-BCC5-4C47-88E3-B8681CD79440", versionEndExcluding: "12.0.93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b360:-:*:*:*:*:*:*:*", matchCriteriaId: "0829C549-51C2-4029-9623-51D0C5470FBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b365:-:*:*:*:*:*:*:*", matchCriteriaId: "6CC7A911-2CFA-44B3-9B5D-824C02A92D1C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c242:-:*:*:*:*:*:*:*", matchCriteriaId: "A7FDE41F-FF2A-42F0-AF4D-F57A28E377F4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c246:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB420EA-D647-4272-8A96-2A09E70FAEAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4205u:-:*:*:*:*:*:*:*", matchCriteriaId: "6910BDD0-4968-45AE-AD19-3A1206F5D068", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4305u:-:*:*:*:*:*:*:*", matchCriteriaId: "14C91CFB-C318-4F06-9A01-DCCEE2E901B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_4305ue:-:*:*:*:*:*:*:*", matchCriteriaId: "F5C0F89F-0C58-44B8-A02C-50A97B086659", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:cm246:-:*:*:*:*:*:*:*", matchCriteriaId: "246F7FE9-0B21-4947-B6C2-6CA2DB1D7817", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84789A-B7F4-493E-A3F6-D5287ACFEB98", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*", matchCriteriaId: "4A504EF6-8F7D-4839-B16D-FDCBD3B22287", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*", matchCriteriaId: "47B28199-5B9A-4AC4-9529-77A6FC591DC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*", matchCriteriaId: "33B0B0C9-54ED-4D7E-B0F2-C87690056800", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*", matchCriteriaId: "E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*", matchCriteriaId: "6287BCB7-8EFD-485E-B40E-AE6B9DB067DF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*", matchCriteriaId: "25227F52-7398-4E68-A973-B9177886BE0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D78093B-076C-48FB-A224-F94F5743ACF3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*", matchCriteriaId: "B230FB82-C498-4118-97D3-3835CB713E87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*", matchCriteriaId: "F1DCD6D7-7FF2-419B-A41C-CF1FA830F289", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*", matchCriteriaId: "B8127E47-6082-4313-B310-1C6278471A21", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*", matchCriteriaId: "C14BA084-59CC-40E8-A62F-7AD1C9DD9283", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*", matchCriteriaId: "2AC12E92-33CB-4603-AC14-3351CE1D4E3A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*", matchCriteriaId: "6E62309E-1071-4569-8C9A-11748D629CAB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*", matchCriteriaId: "2DDA599F-09D5-4351-B7F5-351A2E04E091", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*", matchCriteriaId: "A205DBD9-A841-446A-8ED8-57989B806518", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*", matchCriteriaId: "D0D473E4-5EB1-434D-9D8F-C9365988EEAD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8260u:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEF82DB-59F7-4530-B3CC-3D417CD519B3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*", matchCriteriaId: "6D3E166F-3D9F-4D0D-924A-147883598EA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*", matchCriteriaId: "70D9D4EE-A6CA-4C9F-905F-27570858B5FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*", matchCriteriaId: "73DA1253-1652-417A-BE27-586EF8ED59F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*", matchCriteriaId: "8BD64BB5-CBC1-4862-BEE6-04FC53017976", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D55B9D-4BAB-4082-A33F-626E15229333", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*", matchCriteriaId: "71294A32-F3DD-45EA-A0FC-C3EA0351FA29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*", matchCriteriaId: "4E920376-561D-4892-97A2-F4400223B3CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*", matchCriteriaId: "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*", matchCriteriaId: "790A7B55-AD96-4B1C-A31A-C6778BFD5CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*", matchCriteriaId: "9D350A92-3992-4464-84AB-960ABCA45698", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*", matchCriteriaId: "43DA2F8C-1C05-4447-A861-A33E81050F37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*", matchCriteriaId: "4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*", matchCriteriaId: "AA341190-21EC-46FB-849D-F54AD3DFCF93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*", matchCriteriaId: "908629C1-FD27-4247-A33E-4F5E57DFF918", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*", matchCriteriaId: "7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*", matchCriteriaId: "C2AF0758-7F39-40C0-A174-4805AADACE14", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*", matchCriteriaId: "D99484C0-1349-47EC-AFEB-5F7F281A514E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*", matchCriteriaId: "CF02D685-1E67-40E1-A858-000498D5D877", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F74885-92EE-4F36-B4E1-5F1F8AD65F88", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*", matchCriteriaId: "0EDCD661-394A-431F-84C2-0252ABD6F1B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*", matchCriteriaId: "0304CBDA-AF3E-4F32-BF45-FD2199D1E025", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*", matchCriteriaId: "957F3AC9-D071-4932-B2C9-1643FB78BC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*", matchCriteriaId: "1395788D-E23B-433A-B111-745C55018C68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*", matchCriteriaId: "05EA3461-021B-42CD-B4BD-4D2E8703DB93", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*", matchCriteriaId: "CB6774C8-431B-42AC-8955-02B529222372", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*", matchCriteriaId: "F41025AC-6EFE-4562-B1D1-BAB004875B06", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC1ED81E-3D62-47FB-8FD4-B2732525C33C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*", matchCriteriaId: "AC82E058-25FE-4B6C-BA3C-AB043CFAB113", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*", matchCriteriaId: "34DD3CCB-91D5-48D6-80BC-CA643385BCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*", matchCriteriaId: "41EB643A-7C3B-4017-A12C-FB48A4F6D9EF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*", matchCriteriaId: "04076FFA-D74F-4501-9921-D8EBDF97CD20", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4440FC7-F90C-44E0-B7FB-C88BC95EAB77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*", matchCriteriaId: "B8846D3C-39C6-48BE-9643-ACC479416257", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*", matchCriteriaId: "07279DDB-B07D-4224-AA1C-24B4F3D63BB8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*", matchCriteriaId: "D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*", matchCriteriaId: "F423BBE6-327A-40DC-8BCE-BF43600A68D5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*", matchCriteriaId: "08718840-D468-4E86-8FFF-A2B1841E6BF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*", matchCriteriaId: "C9B77426-B579-43C6-9340-F291138ECD7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*", matchCriteriaId: "DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*", matchCriteriaId: "DE776B91-9E25-48F5-A4F0-EB36B704AEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*", matchCriteriaId: "469D79CD-B627-4ACF-ABC7-0EAE5D41A005", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*", matchCriteriaId: "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h310:-:*:*:*:*:*:*:*", matchCriteriaId: "8DD64A3C-6925-4715-9D55-F1FC8AA0BB95", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h370:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D83701-E7FF-41D3-ACC6-C78519E34FBD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm370:-:*:*:*:*:*:*:*", matchCriteriaId: "1893AF0C-A12E-4DDE-88D6-44A4318176D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*", matchCriteriaId: "0D376C32-99BE-4DF4-A63D-2156D10EEA73", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q370:-:*:*:*:*:*:*:*", matchCriteriaId: "5CD6D64A-BC68-458E-810B-9EEDFD35817A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm370:-:*:*:*:*:*:*:*", matchCriteriaId: "205568C6-2BBB-4B1B-A609-5448F8B7E22E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z370:-:*:*:*:*:*:*:*", matchCriteriaId: "DD09C370-3A22-4AFD-89D7-C35B152C4DE6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z390:-:*:*:*:*:*:*:*", matchCriteriaId: "9379A170-4752-49F2-941D-75D88D385966", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55DE4BD2-14AA-44EB-A031-644934344F67", versionEndExcluding: "14.1.70", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "180F0BC8-3FBB-4ADE-8679-169E4C308D00", versionEndExcluding: "14.5.50", versionStartIncluding: "14.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b460:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB47F1D-AE3D-4F0E-AEFE-879140B47DD5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h410:-:*:*:*:*:*:*:*", matchCriteriaId: "BE191F8B-AC43-431E-87F7-46E2EF211D27", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h420e:-:*:*:*:*:*:*:*", matchCriteriaId: "C530D5AA-7480-45A7-BF06-45BF95B96B22", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h470:-:*:*:*:*:*:*:*", matchCriteriaId: "3D7E83B0-4902-40CF-9B24-3358846186E8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm470:-:*:*:*:*:*:*:*", matchCriteriaId: "A9AC90E6-DF0B-4370-825E-41E4986D30CE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q470:-:*:*:*:*:*:*:*", matchCriteriaId: "61E425A8-F0F9-4C38-B199-0A410F0D0270", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q470e:-:*:*:*:*:*:*:*", matchCriteriaId: "1F945B90-257C-4DCB-9CB3-F34C6F6529D3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm480:-:*:*:*:*:*:*:*", matchCriteriaId: "3D4ACE9D-B829-44BD-8124-30BD62E8F8B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w480:-:*:*:*:*:*:*:*", matchCriteriaId: "D5AE97F1-0236-4305-BC0B-253160262125", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w480e:-:*:*:*:*:*:*:*", matchCriteriaId: "8621ECA8-A467-471E-A871-72EDD10BB2FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm490:-:*:*:*:*:*:*:*", matchCriteriaId: "6AC3826E-7DA9-4A86-836F-7F3B32AEB3D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z490:-:*:*:*:*:*:*:*", matchCriteriaId: "D16ACC77-CE53-4897-BEF8-50CFE7AD56FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "59579717-55D1-402C-870F-3BED480A32CA", versionEndExcluding: "15.0.45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b560:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE930AA-59F7-43A7-9FF3-363CE72A6728", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h510:-:*:*:*:*:*:*:*", matchCriteriaId: "D67C6D6B-12F3-43A6-BB8D-DFE0B6483294", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h570:-:*:*:*:*:*:*:*", matchCriteriaId: "96F1DD9B-C078-41C5-88E0-DB7705E17742", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570:-:*:*:*:*:*:*:*", matchCriteriaId: "9D9BD5A1-AD1F-4770-87EE-7F1804BA87A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570e:-:*:*:*:*:*:*:*", matchCriteriaId: "242BA56E-E8D0-4851-AA71-FECB9E102F87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q570:-:*:*:*:*:*:*:*", matchCriteriaId: "44BCD8EB-D71A-4BD6-8D2D-AF2430F840C3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580:-:*:*:*:*:*:*:*", matchCriteriaId: "61AB83BE-01F0-412B-98E9-B766884BF249", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580e:-:*:*:*:*:*:*:*", matchCriteriaId: "8CDD634A-B6BA-452C-A6E0-18ADEFF81529", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:rm590e:-:*:*:*:*:*:*:*", matchCriteriaId: "E1C4E46E-5828-4EE6-9A95-8F4FE56AC156", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w580:-:*:*:*:*:*:*:*", matchCriteriaId: "EE366EB3-BE96-4A01-9BD5-792B59163938", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm590:-:*:*:*:*:*:*:*", matchCriteriaId: "4158B9A6-ACBE-4A62-AA2C-9790F73C4C3C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z590:-:*:*:*:*:*:*:*", matchCriteriaId: "89563A0F-CE7A-41C5-A8C7-9FC2D40F000A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7317CB4-D0A7-4508-83AD-6C30CF407E96", versionEndExcluding: "16.1.27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b660:-:*:*:*:*:*:*:*", matchCriteriaId: "2576527C-0218-491F-871E-07A60A5E1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610:-:*:*:*:*:*:*:*", matchCriteriaId: "A68DECC9-072F-43C0-90EF-02E8BBC9AE4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610e:-:*:*:*:*:*:*:*", matchCriteriaId: "9B973879-DE48-4461-B543-98625EABCCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h670:-:*:*:*:*:*:*:*", matchCriteriaId: "BCF3A230-7824-4417-B5C4-E2D30ECBE3AE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm670:-:*:*:*:*:*:*:*", matchCriteriaId: "70675897-E01D-4217-82AE-EC15AE58390E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670:-:*:*:*:*:*:*:*", matchCriteriaId: "B3DBB4E3-B863-4333-AC01-DB21416FCB94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670e:-:*:*:*:*:*:*:*", matchCriteriaId: "5B479403-BA34-426F-8DB6-61303C57F268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r680e:-:*:*:*:*:*:*:*", matchCriteriaId: "F20D230F-E14A-4986-8746-168CC9C61AD0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w680:-:*:*:*:*:*:*:*", matchCriteriaId: "EF31448A-E935-4FFF-AF76-2B06EF71E229", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm690:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B7B7CD-63B7-4F80-A0A1-7C69F0868D1B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z690:-:*:*:*:*:*:*:*", matchCriteriaId: "2D1C667A-A904-4707-BE7E-FF7530E0D716", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.", }, { lang: "es", value: "La validación de entrada inadecuada en algunos firmware para Intel(R) AMT e Intel(R) Standard Manageability antes de las versiones 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45 y 16.1.27 en Intel (R) CSME puede permitir que un usuario no autenticado habilite potencialmente la denegación de servicio a través del acceso a la red.", }, ], id: "CVE-2022-36392", lastModified: "2024-11-21T07:12:55.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-11T03:15:13.250", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secure@intel.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-116", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.", }, { lang: "es", value: "Excepción sin gestionar en el subsistema de protección de contenidos en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario privilegiado pueda modificar datos mediante acceso local.", }, ], id: "CVE-2018-12189", lastModified: "2024-11-21T03:44:43.417", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.397", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, { lang: "es", value: "Validación de entradas insuficiente en Intel(R) AMT en Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20, podría permitir que un usuario no autenticado pueda ejecutar código arbitrario mediante acceso físico.", }, ], id: "CVE-2018-12185", lastModified: "2024-11-21T03:44:43.067", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.257", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-10 21:29
Modified
2024-11-21 04:05
Severity ?
Summary
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*", matchCriteriaId: "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*", matchCriteriaId: "AAC76F31-00A5-4719-AA50-92F773919B3C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*", matchCriteriaId: "49996F5A-51B2-4D4E-AE04-E98E093A76CC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*", matchCriteriaId: "9F8406B0-D1E5-4633-B17E-53DC99FE7622", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*", matchCriteriaId: "3D49435C-7C33-454B-9F43-9C10F28A28A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*", matchCriteriaId: "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*", matchCriteriaId: "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*", matchCriteriaId: "ED44A404-8548-4EDC-8928-4094D05A6A38", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*", matchCriteriaId: "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*", matchCriteriaId: "D2AAD8F0-0D31-4806-8A88-A30E5BE43630", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*", matchCriteriaId: "8164EE5F-6ABA-4365-8718-2F98C2E57A0F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*", matchCriteriaId: "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*", matchCriteriaId: "2A06696D-37F0-427D-BFC5-1606E7441C31", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*", matchCriteriaId: "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7020u:*:*:*:*:*:*:*", matchCriteriaId: "A54EC3F7-0B8C-46CE-A8C7-4BB61B355843", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100:*:*:*:*:*:*:*", matchCriteriaId: "233009BD-0DEC-405C-AD1A-B58AEB48B0DC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100e:*:*:*:*:*:*:*", matchCriteriaId: "D332B6F4-DB19-4E02-A2B6-23D7235BCAB0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100h:*:*:*:*:*:*:*", matchCriteriaId: "A3D29927-72F4-4AF9-B096-57DB2712FBE1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100t:*:*:*:*:*:*:*", matchCriteriaId: "BA5AE231-F198-49EC-8A97-FF250A742840", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100u:*:*:*:*:*:*:*", matchCriteriaId: "22A6603F-9646-4220-BFCB-81266F1FC60E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7101e:*:*:*:*:*:*:*", matchCriteriaId: "68E25472-7F96-425C-87DD-D1835B12589E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7101te:*:*:*:*:*:*:*", matchCriteriaId: "09253F55-3355-44C1-862C-9A6DAD5C461C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7102e:*:*:*:*:*:*:*", matchCriteriaId: "32CAE041-761F-4D81-B075-D3E567CFFE94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7130u:*:*:*:*:*:*:*", matchCriteriaId: "843E440C-3847-4B13-BB0C-E0C282853850", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7167u:*:*:*:*:*:*:*", matchCriteriaId: "BEB1AF20-A65B-45F7-8C60-3475A640E2FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7300:*:*:*:*:*:*:*", matchCriteriaId: "154B92C1-04B9-459D-9FC7-6EA1E09CE12C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7300t:*:*:*:*:*:*:*", matchCriteriaId: "2E0F9407-BCB5-4F50-8D54-74389DA58E15", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7320:*:*:*:*:*:*:*", matchCriteriaId: "60F6B441-537F-4255-9BC6-CE807B46DC55", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7350k:*:*:*:*:*:*:*", matchCriteriaId: "CE7EFD6E-5954-4041-8245-0AB2D45E583F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*", matchCriteriaId: "68A76015-0A05-4EC7-B136-DC13B55D881F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*", matchCriteriaId: "0DA0AF32-485E-418D-B3F5-F7207CF17E4A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*", matchCriteriaId: "353CB864-53C3-4BC3-B02A-38FEE42BDBCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*", matchCriteriaId: "3A649B47-E110-4C6C-AE60-13DB543CFE29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*", matchCriteriaId: "02377127-6C03-4FED-BB51-555B8E0DB223", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*", matchCriteriaId: "07CCBA16-2DC6-43D5-BFF2-550C749DB54E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*", matchCriteriaId: "100127DD-4981-46D3-95A7-D5C0585F097E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*", matchCriteriaId: "1228D0D5-8708-4D2A-AEC2-52D6BEFF5AF4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*", matchCriteriaId: "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5:7y54:*:*:*:*:*:*:*", matchCriteriaId: "8E0195D5-380D-401F-92EB-37AEA34E7478", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7y57:*:*:*:*:*:*:*", matchCriteriaId: "0E6AB8D9-FEA0-4830-941B-A2605830ADD0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*", matchCriteriaId: "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*", matchCriteriaId: "758A14DB-1BAF-442A-BA7C-5E9C67847BEA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*", matchCriteriaId: "61309100-CFA7-4607-A236-8910838AA057", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*", matchCriteriaId: "82D76265-7BD0-4C51-AE77-22B22524DE81", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*", matchCriteriaId: "DE38B195-BB8D-4747-881D-E8033760B4C8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*", matchCriteriaId: "1AA8BE76-168D-48A3-8DF6-E91F44600408", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*", matchCriteriaId: "3B656975-5D71-4712-9820-BDB7BC248AFA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*", matchCriteriaId: "FA045267-114D-4587-B6D7-E273C28DC9B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*", matchCriteriaId: "77018415-E122-406E-896D-1BC6CF790BE3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*", matchCriteriaId: "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*", matchCriteriaId: "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*", matchCriteriaId: "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*", matchCriteriaId: "F4E1C012-3E05-44DB-B6D2-BFD619C034B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*", matchCriteriaId: "15D689D6-8594-42F2-8EEF-DCAEBA885A67", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*", matchCriteriaId: "A6446000-0494-4DC5-ABAA-F20A44546068", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*", matchCriteriaId: "99B94EEC-6690-45D0-B086-F4A5B25C25CB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*", matchCriteriaId: "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*", matchCriteriaId: "832AB3CD-E3A1-4CCB-A210-287973563D0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*", matchCriteriaId: "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*", matchCriteriaId: "99C4221A-9994-43B3-9C7A-E13815A50A10", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*", matchCriteriaId: "20070B1D-B91C-40BA-A9D8-E80170A2933F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*", matchCriteriaId: "A70129C9-371F-4542-A388-C095869E593A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7200u:*:*:*:*:*:*:*", matchCriteriaId: "83A2B089-EF84-4CC6-BFF6-8E74584688CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7260u:*:*:*:*:*:*:*", matchCriteriaId: "6D2A5D20-2921-4FA2-B62F-01A6A2957D7B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7267u:*:*:*:*:*:*:*", matchCriteriaId: "5427051C-F785-4190-86E4-7F6E226968B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7287u:*:*:*:*:*:*:*", matchCriteriaId: "B4E5D44F-183D-4B1B-8ACF-6954A834B63A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7300hq:*:*:*:*:*:*:*", matchCriteriaId: "96AEABB2-D597-4126-AEA2-D67117E86962", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7300u:*:*:*:*:*:*:*", matchCriteriaId: "1E84AC40-E06A-42B9-B125-E7263A191702", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7360u:*:*:*:*:*:*:*", matchCriteriaId: "F1869D54-7B07-400D-8941-59DE0FE4127D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7400:*:*:*:*:*:*:*", matchCriteriaId: "A27F73DD-FDC1-4A7B-85B1-543FFB036CCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7400t:*:*:*:*:*:*:*", matchCriteriaId: "AEC66A91-0BA2-4073-B4B7-E8354B3D2409", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7440eq:*:*:*:*:*:*:*", matchCriteriaId: "CAD36097-3356-49B6-93A4-B6AC9203C2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7440hq:*:*:*:*:*:*:*", matchCriteriaId: "9C0CE988-82FB-4412-AF06-91A1E056FD0B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7442eq:*:*:*:*:*:*:*", matchCriteriaId: "799CBCB6-5345-433A-9D2A-B36A86178982", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7500:*:*:*:*:*:*:*", matchCriteriaId: "BE27EBE2-D4BD-412C-8DB0-C30DF71E5788", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7500t:*:*:*:*:*:*:*", matchCriteriaId: "16F2AE62-2E44-4F70-B790-1D5399DF61A7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600:*:*:*:*:*:*:*", matchCriteriaId: "1EBF09B5-A51E-4579-A5E4-3B755CDDB737", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600k:*:*:*:*:*:*:*", matchCriteriaId: "3F4D20EC-92C4-4BB3-8F13-540AAA001E9F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600t:*:*:*:*:*:*:*", matchCriteriaId: "7AC49B2C-12AB-463F-AB13-7C9A9E381014", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*", matchCriteriaId: "A529E849-E1FD-4BD1-A6A5-377F79FE26D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*", matchCriteriaId: "6C4DE25F-168A-4C67-8B66-09F61F072BD4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*", matchCriteriaId: "11ED2E75-9BCD-4F52-A610-E50A5DA24A8E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*", matchCriteriaId: "A216FA06-4E47-4105-8ADE-956F887AFC6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*", matchCriteriaId: "137DECAA-074A-4FEC-A633-FE3836E0D32B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*", matchCriteriaId: "80C307EB-64E4-4BBE-A41A-5FE5AF197ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*", matchCriteriaId: "EDD1091D-CDD9-41C0-A8D8-19B8ECAA672F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*", matchCriteriaId: "58157F24-D89E-4552-8CE6-2F01E98BD1E5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*", matchCriteriaId: "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*", matchCriteriaId: "328F854B-3716-47D9-BE70-765DE3689DAC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*", matchCriteriaId: "D179F530-F642-444C-8184-3770FA8A338E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*", matchCriteriaId: "CB237F89-7405-46F7-972E-81A3B78631BA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*", matchCriteriaId: "6BA4C4C2-0DC2-46FA-89E9-38F632DACB4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*", matchCriteriaId: "017FA232-935C-4096-8087-5F90147589C2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*", matchCriteriaId: "131FA189-EAB5-4D51-AFD8-7AD03D4E0DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*", matchCriteriaId: "7C86118F-42C7-4F7E-B156-AA7AC53BE96B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*", matchCriteriaId: "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*", matchCriteriaId: "E2EFD9AB-6FF2-4C90-AF14-510B16F41C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*", matchCriteriaId: "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6500u:*:*:*:*:*:*:*", matchCriteriaId: "923D2D73-F953-44D2-9A25-E118136E8C5A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6560u:*:*:*:*:*:*:*", matchCriteriaId: "B219CA1A-FFBD-4434-B7FC-EFD52EBC955F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6567u:*:*:*:*:*:*:*", matchCriteriaId: "AE2AEDB1-8C35-4210-B045-69216480B384", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6600u:*:*:*:*:*:*:*", matchCriteriaId: "484C1B49-7D90-4360-BE33-C1DAB755ED89", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6650u:*:*:*:*:*:*:*", matchCriteriaId: "C08FE92E-D97F-40E1-8482-1DA777EBC785", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6660u:*:*:*:*:*:*:*", matchCriteriaId: "2EBD6720-F788-4FD7-BC7F-AAEFAA137486", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700:*:*:*:*:*:*:*", matchCriteriaId: "08032549-991F-465D-8794-21C8ED2C98D6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700hq:*:*:*:*:*:*:*", matchCriteriaId: "94514F41-CDCF-4EED-896E-8B5AE7360F0A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700k:*:*:*:*:*:*:*", matchCriteriaId: "27F79141-5702-4157-8D13-FFB1C2F23FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700t:*:*:*:*:*:*:*", matchCriteriaId: "114D7086-4C6D-4EE8-A2ED-7D4F63FD6A07", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700te:*:*:*:*:*:*:*", matchCriteriaId: "FF8D239C-B3D6-4F08-AF99-E64752B72346", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6770hq:*:*:*:*:*:*:*", matchCriteriaId: "207507FE-1DC7-4569-A5A9-392290622EC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6785r:*:*:*:*:*:*:*", matchCriteriaId: "15FC32E2-9228-4903-9F0A-AF327A1C2D36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820eq:*:*:*:*:*:*:*", matchCriteriaId: "FF50D5C4-DFC1-4306-B2C8-09D6788904FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820hk:*:*:*:*:*:*:*", matchCriteriaId: "0665FECD-A31D-4EB2-A360-CFA1E58CDEFE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820hq:*:*:*:*:*:*:*", matchCriteriaId: "62783CBF-1299-4045-A0D9-E95E7B385164", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6822eq:*:*:*:*:*:*:*", matchCriteriaId: "3B04C754-50CD-4C8C-B56F-A50944EE5799", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6870hq:*:*:*:*:*:*:*", matchCriteriaId: "B6A7DE62-EB8A-4C5B-B143-3892CF1EE7CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6920hq:*:*:*:*:*:*:*", matchCriteriaId: "23BA712E-4516-4823-8E85-6AC24BE3240F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6970hq:*:*:*:*:*:*:*", matchCriteriaId: "7C1303D7-33B3-48AA-BD62-74984AD22AF1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*", matchCriteriaId: "6158ED8A-007E-48B7-99BF-8BA03BF584BD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*", matchCriteriaId: "DBA7096A-F321-49A0-911A-F9683ABE6E6A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*", matchCriteriaId: "6A471395-7F8F-4BA5-962D-4D8F271FAB47", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*", matchCriteriaId: "B9484380-92B9-44DB-8E20-DC8DE02D1CA6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*", matchCriteriaId: "8010808D-805D-4CA3-9EA2-55EB1E57964C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*", matchCriteriaId: "9716FE9F-A056-42A3-A241-F2FE37A6386A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*", matchCriteriaId: "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*", matchCriteriaId: "7A96A5AF-C9EF-4DED-AE25-4540A2B02915", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*", matchCriteriaId: "D5115B12-053A-4866-A833-D6EC88D8F93E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*", matchCriteriaId: "C5619D4D-9685-4595-8A5F-A18273FE4213", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*", matchCriteriaId: "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*", matchCriteriaId: "DAA3457E-7E1A-4878-9752-79382E954A66", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*", matchCriteriaId: "68630C63-4457-4E12-B7BD-AD456B237FC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*", matchCriteriaId: "B506523F-101E-4F05-82D5-31E37B8B2E8C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*", matchCriteriaId: "1ED47811-5435-43D1-A57F-CA89807A6118", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*", matchCriteriaId: "F6FB5695-2950-4CEC-81B4-FD280F835330", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*", matchCriteriaId: "6799338F-C0F9-4B25-A14C-68C4158B01F6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*", matchCriteriaId: "BE77F2FF-75AB-4071-B575-C7ECAF5FAEA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*", matchCriteriaId: "9F340AF8-508F-449D-9AFA-4E55F069B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*", matchCriteriaId: "E944410E-D674-4141-B50C-9F55090325FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*", matchCriteriaId: "5461E4AD-2944-46A0-A696-FC32CD069D64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*", matchCriteriaId: "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*", matchCriteriaId: "E2A76E12-842B-4925-B5F5-53497C3E420F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*", matchCriteriaId: "28F8C010-77B1-4774-AE6D-2A8375F5E8B5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*", matchCriteriaId: "19CC5153-BE9A-4394-BFA5-1F0DBEA16163", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*", matchCriteriaId: "361C2658-F122-4AE9-B67D-4467F29E096D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*", matchCriteriaId: "66106AD9-F1DA-4A43-9968-7F5BD31D92CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*", matchCriteriaId: "C47C2864-4B34-46DD-AABF-9F38B72578AC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*", matchCriteriaId: "77AFA400-C880-48AE-B32F-0AC8DF073CCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9:8950hk:*:*:*:*:*:*:*", matchCriteriaId: "8F28F2C6-E1CE-4722-A496-C8AEBC7CF6E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF7EC93-0170-45A9-86C7-5460320B2AE9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "4B9FF7FB-AB5A-4549-8C15-E69458C649E2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEF6608-B650-4C77-9823-0AD57B3484F1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "A79C2131-5566-4CC2-B6ED-38E3F6964500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "605D7552-8184-4B11-96FD-FE501A6C97DD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3144BBDE-CC96-4408-AA02-ECC3BF902A34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E7165B43-ED22-4714-8FA4-1E201D1BFA69", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "75AD7649-3FEA-4971-9886-6C9312B937A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "C07E80D5-70A5-49C9-9044-D683C7ECCFF5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "D75D0EEB-707C-4C86-A569-E91E9F00BA77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "04DB08C8-0018-4A8E-A206-097BDDF83B08", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "B7193E85-30BE-42D5-A26B-3F88817F3574", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "2A371DF9-E224-404F-99C2-C2A4607E62D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w:2123:*:*:*:*:*:*:*", matchCriteriaId: "FFB069D8-C4F7-4AA2-8B58-1A7094D72D40", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2125:*:*:*:*:*:*:*", matchCriteriaId: "064C9D77-F224-403E-B714-89EC9DE79A83", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2133:*:*:*:*:*:*:*", matchCriteriaId: "C259C0B1-2075-4DC8-9C02-4EEFF9BB4A7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2135:*:*:*:*:*:*:*", matchCriteriaId: "B52F8ED6-63B7-4B83-9586-4129E1E8E523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2145:*:*:*:*:*:*:*", matchCriteriaId: "F915355B-1385-4329-9A7E-CE683B30C3AD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2155:*:*:*:*:*:*:*", matchCriteriaId: "59D83BE6-62D2-434F-AE62-EF934955000E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2175:*:*:*:*:*:*:*", matchCriteriaId: "04541EAF-0EC5-49C4-8B84-D97C6B376400", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2195:*:*:*:*:*:*:*", matchCriteriaId: "31B22944-141B-44AF-88CB-631216772968", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, { lang: "es", value: "Un error de lógica en Intel Converged Security Management Engine 11.x podría permitir que un atacante ejecute código arbitrario mediante el acceso local privilegiado.", }, ], id: "CVE-2018-3627", lastModified: "2024-11-21T04:05:47.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-10T21:29:00.810", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:16
Severity ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CDF9B1B-4031-40EF-8516-60ABD2BBF1C0", versionEndExcluding: "11.8.70", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD17A8EA-F595-4E4E-B694-FE07544E7945", versionEndExcluding: "3.1.70", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3BCB9B3C-C83A-4563-80F6-3AA50C16A118", versionEndExcluding: "4.0.20", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el subsistema para Intel® CSME versiones anteriores a 11.8.70, 12.0.45 y 13.0.10; Intel® TXE versiones anteriores a 3.1.70 y 4.0.20, puede permitir a un usuario privilegiado habilitar una divulgación de información por medio de un acceso local.", }, ], id: "CVE-2019-0168", lastModified: "2024-11-21T04:16:23.760", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:11.847", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-13 16:29
Modified
2024-11-21 03:44
Severity ?
Summary
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DC5E648-8DD3-4313-BE9D-2CE595F40D91", versionEndIncluding: "11.8.50", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2A4E3031-2AB8-4CA2-9D85-55FE1F8BF7CC", versionEndIncluding: "11.11.50", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7781499E-1729-4890-901E-0A2B7EACF949", versionEndIncluding: "11.21.51", versionStartIncluding: "11.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:server_platform_services_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9BE1C00-6AAB-4402-98B8-8D68DFF1358E", versionEndExcluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8337C6A0-41B7-417D-BD0C-B65ACD99C5FF", versionEndIncluding: "3.1.50", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.", }, { lang: "es", value: "La validación de entrada insuficiente en el subsistema HECI en Intel (R) CSME anterior a la versión 11.21.55, los Servicios de plataforma de servidor Intel® anterior a la versión 4.0 y el Firmware Intel® Trusted Execution Engine anterior a la versión 3.1.55 pueden permitir que un usuario privilegiado pueda permitir la escalada de privilegios a través de acceso local.", }, ], id: "CVE-2018-12147", lastModified: "2024-11-21T03:44:39.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-13T16:29:00.247", references: [ { source: "secure@intel.com", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, { source: "nvd@nist.gov", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html?wapkw=2018-12147", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-14 20:29
Modified
2024-11-21 03:44
Severity ?
Summary
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89FAC2D9-E921-4F45-B786-0902B310C2A3", versionEndExcluding: "11.8.60", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB85F0E9-95F9-452C-AAAF-0C8CCCE76C59", versionEndExcluding: "11.11.60", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A44D8E6-445C-475D-BB1A-75C03AEE940B", versionEndExcluding: "11.22.60", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91671FB7-F021-4781-9CBD-E7B66727B747", versionEndExcluding: "12.0.20", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3029FF22-3BD0-41A7-BBF9-E6183DF2BD31", versionEndExcluding: "3.1.60", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "916A348F-144A-4A81-B93F-D3422A662D09", versionEndExcluding: "4.0.10", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.", }, { lang: "es", value: "Validación de entradas incorrecta en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario no autenticado pueda modificar datos mediante acceso físico.", }, ], id: "CVE-2018-12188", lastModified: "2024-11-21T03:44:43.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-14T20:29:00.350", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:15
Severity ?
7.2 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF505BC6-9834-416D-8539-9EADD93D81A3", versionEndExcluding: "16.1.27", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:b660:-:*:*:*:*:*:*:*", matchCriteriaId: "2576527C-0218-491F-871E-07A60A5E1C25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610:-:*:*:*:*:*:*:*", matchCriteriaId: "A68DECC9-072F-43C0-90EF-02E8BBC9AE4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h610e:-:*:*:*:*:*:*:*", matchCriteriaId: "9B973879-DE48-4461-B543-98625EABCCE4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h670:-:*:*:*:*:*:*:*", matchCriteriaId: "BCF3A230-7824-4417-B5C4-E2D30ECBE3AE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm670:-:*:*:*:*:*:*:*", matchCriteriaId: "70675897-E01D-4217-82AE-EC15AE58390E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670:-:*:*:*:*:*:*:*", matchCriteriaId: "B3DBB4E3-B863-4333-AC01-DB21416FCB94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q670e:-:*:*:*:*:*:*:*", matchCriteriaId: "5B479403-BA34-426F-8DB6-61303C57F268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:r680e:-:*:*:*:*:*:*:*", matchCriteriaId: "F20D230F-E14A-4986-8746-168CC9C61AD0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w680:-:*:*:*:*:*:*:*", matchCriteriaId: "EF31448A-E935-4FFF-AF76-2B06EF71E229", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm690:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B7B7CD-63B7-4F80-A0A1-7C69F0868D1B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z690:-:*:*:*:*:*:*:*", matchCriteriaId: "2D1C667A-A904-4707-BE7E-FF7530E0D716", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5438BCF4-5C36-458B-95B3-F55AC0C886CA", versionEndExcluding: "15.0.45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*", matchCriteriaId: "89231773-9D9B-434A-A6A3-8527C4F6FEBB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*", matchCriteriaId: "A85EA674-2537-4323-AEDA-FA356489E7DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*", matchCriteriaId: "F85599DD-3F80-4EB0-9753-D24EDD8D76CC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6214re:-:*:*:*:*:*:*:*", matchCriteriaId: "2D98929C-9560-40CF-8231-718B5BFF19EA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*", matchCriteriaId: "1B3348F4-8E2B-42BE-9F3A-48DFF5CE0047", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6414re:-:*:*:*:*:*:*:*", matchCriteriaId: "F1D7A0BC-7798-466E-B341-D371988FE6CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6416re:-:*:*:*:*:*:*:*", matchCriteriaId: "8A8C0489-E31A-455A-AA64-3765074530F4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*", matchCriteriaId: "7F068F4F-8CCD-4218-871C-BEABEB0DAB55", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*", matchCriteriaId: "7313975C-41A5-4657-8758-1C16F947BE4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*", matchCriteriaId: "2FBE4406-9979-4723-833C-176F051E6389", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:b560:-:*:*:*:*:*:*:*", matchCriteriaId: "9FE930AA-59F7-43A7-9FF3-363CE72A6728", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c252:-:*:*:*:*:*:*:*", matchCriteriaId: "F6E46116-6B73-4A65-A2AB-E238678B7E48", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:c256:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F281EE-3F33-406A-8FA0-43B3AB6BC35B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*", matchCriteriaId: "A2F55513-48F4-44EC-9293-2CA744FCE07B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*", matchCriteriaId: "51D52347-FA7F-4592-99E4-4C01D2833F35", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*", matchCriteriaId: "82EC9A22-4893-4770-A501-31D492DC7EC3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*", matchCriteriaId: "744EC990-7849-4BC1-BC75-1D64693645A4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*", matchCriteriaId: "B949F28E-5C73-4222-973E-DC39325E9268", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*", matchCriteriaId: "132E32FD-4A52-43AF-9C0A-75F299B4C93F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*", matchCriteriaId: "7087FCA7-6D5C-45A5-B380-533915BC608A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*", matchCriteriaId: "85683891-11D4-47B1-834B-5E0380351E78", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*", matchCriteriaId: "DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*", matchCriteriaId: "03D778C7-F242-4A6A-9B62-A7C578D985FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*", matchCriteriaId: "652EC574-B9B6-4747-AE72-39D1379A596B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*", matchCriteriaId: "522A9A57-B8D8-4C61-92E3-BE894A765C12", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*", matchCriteriaId: "A588BEB3-90B5-482E-B6C4-DC6529B0B4C4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*", matchCriteriaId: "826BAF04-E174-483D-8700-7FA1EAC4D555", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*", matchCriteriaId: "3D3162DD-BF40-4A58-8FC4-63B4455C0E51", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*", matchCriteriaId: "F7A8BF58-1D33-484A-951C-808443912BE8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*", matchCriteriaId: "04CEC115-871B-4222-A3F8-6B1EE15E9A2C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*", matchCriteriaId: "3FD0BD9D-F741-457D-9495-8BCC3707D098", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*", matchCriteriaId: "B2935CEA-13CE-4F4C-84B1-0318FB6FE39A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*", matchCriteriaId: "C3BB7241-F796-44A7-8171-B555A45FF852", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*", matchCriteriaId: "5F967E7C-E56D-46B2-AEB8-1931FA324029", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*", matchCriteriaId: "5D902C7F-DCE8-41ED-8E80-26DA251FBF36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*", matchCriteriaId: "71C505E0-3548-49BD-9B53-2A588FF29144", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*", matchCriteriaId: "5E735023-A75C-48E3-AD6B-BB29CF95B17F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*", matchCriteriaId: "4080CDEF-3938-44D5-9737-6A9D72DB54B7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*", matchCriteriaId: "A77976A7-6C2D-4E0B-A28B-06A23EEA0D68", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*", matchCriteriaId: "A5600350-04CC-4481-AC47-9F98BEB9D258", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*", matchCriteriaId: "A5A64D0A-D1C2-41B3-B51B-563263438CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*", matchCriteriaId: "B57F4250-80C8-4612-97F6-2702D3F7DF25", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*", matchCriteriaId: "7AA180B4-0EB8-4884-A600-BFAEB64A0A58", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*", matchCriteriaId: "27D79952-8946-488A-8BD8-6129D97A8E34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*", matchCriteriaId: "6B17905A-95E2-4E60-8A0F-AA8ABAF9D523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*", matchCriteriaId: "752081F5-AE8D-4004-B564-863840AC52E1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*", matchCriteriaId: "5375A75A-85AA-4119-9F6C-1AD9D2550F6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*", matchCriteriaId: "F5884F21-BAB5-4A45-8C72-C90D07BAECA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*", matchCriteriaId: "EC2A2AC5-FA56-49F0-BA00-E96B10FEF889", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*", matchCriteriaId: "B8FF7ADD-9E27-4A23-9714-5B76132C20BC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*", matchCriteriaId: "C8771AB4-2F51-494D-8C86-3524BB4219C7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*", matchCriteriaId: "6D7E822D-994F-410D-B13C-939449FFC293", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5576F2-4914-427C-9518-ED7D16630CC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*", matchCriteriaId: "3ABB7C52-863F-4291-A05B-422EE9615FAE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*", matchCriteriaId: "B54D15DF-53EA-4611-932A-EDB8279F582A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*", matchCriteriaId: "BE7B5E21-2796-4578-998F-B03E26277DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*", matchCriteriaId: "96D6F5D3-3559-47AD-8201-C9D34417DC09", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*", matchCriteriaId: "AA455AC5-8434-4B59-BE89-E82CDACD2AEC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*", matchCriteriaId: "5D31CA93-6F45-4BCE-B504-35F6494B864C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*", matchCriteriaId: "406E9139-BCFF-406B-A856-57896D27B752", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h510:-:*:*:*:*:*:*:*", matchCriteriaId: "D67C6D6B-12F3-43A6-BB8D-DFE0B6483294", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:h570:-:*:*:*:*:*:*:*", matchCriteriaId: "96F1DD9B-C078-41C5-88E0-DB7705E17742", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570:-:*:*:*:*:*:*:*", matchCriteriaId: "9D9BD5A1-AD1F-4770-87EE-7F1804BA87A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:hm570e:-:*:*:*:*:*:*:*", matchCriteriaId: "242BA56E-E8D0-4851-AA71-FECB9E102F87", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j2850:-:*:*:*:*:*:*:*", matchCriteriaId: "1C43D202-D661-4042-9F68-0FA7EE73CFEE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j2900:-:*:*:*:*:*:*:*", matchCriteriaId: "29ECACD3-E10C-4773-B847-8C1C097C45FA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j3710:-:*:*:*:*:*:*:*", matchCriteriaId: "56C4EF86-84BF-48F4-88DE-8142A270D4A3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*", matchCriteriaId: "B6585755-C56C-4910-A7D5-B2153396AC7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_j6426:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F281-BA94-4239-8238-AA5EC804AE11", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3510:-:*:*:*:*:*:*:*", matchCriteriaId: "A635B99E-A03F-488A-A01B-B390691EA03B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3520:-:*:*:*:*:*:*:*", matchCriteriaId: "22EAE772-AFAC-4272-8129-B416B171490C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3530:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB3841D-3872-42BD-B0FB-E3E61813CA63", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3540:-:*:*:*:*:*:*:*", matchCriteriaId: "C5DC1B8F-3F6C-49D8-BF5F-54146DE3E83C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3700:-:*:*:*:*:*:*:*", matchCriteriaId: "A1A836B1-451E-4CEF-8A14-89FFB9289DD3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n3710:-:*:*:*:*:*:*:*", matchCriteriaId: "8BC51285-B40A-4BEA-9CFF-F3BC01B5BA80", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*", matchCriteriaId: "9A944A8C-462E-4FF9-8AD6-1687297DD0DE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*", matchCriteriaId: "5378FE6C-251A-4BCD-B151-EA42B594DC37", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*", matchCriteriaId: "638FA431-71EA-4668-AFF2-989A4994ED12", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:q570:-:*:*:*:*:*:*:*", matchCriteriaId: "44BCD8EB-D71A-4BD6-8D2D-AF2430F840C3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580:-:*:*:*:*:*:*:*", matchCriteriaId: "61AB83BE-01F0-412B-98E9-B766884BF249", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:qm580e:-:*:*:*:*:*:*:*", matchCriteriaId: "8CDD634A-B6BA-452C-A6E0-18ADEFF81529", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:rm590e:-:*:*:*:*:*:*:*", matchCriteriaId: "E1C4E46E-5828-4EE6-9A95-8F4FE56AC156", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:w580:-:*:*:*:*:*:*:*", matchCriteriaId: "EE366EB3-BE96-4A01-9BD5-792B59163938", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:wm590:-:*:*:*:*:*:*:*", matchCriteriaId: "4158B9A6-ACBE-4A62-AA2C-9790F73C4C3C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:z590:-:*:*:*:*:*:*:*", matchCriteriaId: "89563A0F-CE7A-41C5-A8C7-9FC2D40F000A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.", }, { lang: "es", value: "La validación de entrada inadecuada en el firmware de algunos Intel(R) Converged Security and Management Engine anteriores a las versiones 15.0.45 y 16.1.27 puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local.", }, ], id: "CVE-2022-38102", lastModified: "2024-11-21T07:15:47.753", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.8, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-11T03:15:14.070", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "secure@intel.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 14:15
Modified
2024-11-21 04:53
Severity ?
Summary
Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CA2E306-9AEC-4767-9738-3EF0B833F896", versionEndExcluding: "11.8.77", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "299E26BE-7DB3-4D58-9C86-7634ACA11324", versionEndExcluding: "11.12.77", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E62CE07C-7068-4FE3-9268-0A551D397597", versionEndExcluding: "11.22.77", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:undefined", matchCriteriaId: "7A86A849-7161-4EA0-B1CF-4E74A55D2E67", versionEndExcluding: "12.0.64", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51B0E191-66BD-49B1-B745-F63006AD2A6F", versionEndExcluding: "13.0.32", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "004EE62A-979B-4D9B-928D-B2558CE79B4E", versionEndExcluding: "14.0.33", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:14.5.11:*:*:*:*:*:*:*", matchCriteriaId: "9FB809FC-A7A5-4513-AD89-BB32DCAEF8FF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, { lang: "es", value: "Unas restricciones de búfer inapropiadas en el subsistema para Intel® CSME versiones anteriores a 12.0.64, 13.0.32, 14.0.33 y 14.5.12, pueden permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios, una divulgación de información o una denegación de servicio por medio de un acceso local", }, ], id: "CVE-2020-0542", lastModified: "2024-11-21T04:53:42.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T14:15:11.127", references: [ { source: "secure@intel.com", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "secure@intel.com", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-17 16:29
Modified
2024-11-21 04:16
Severity ?
Summary
Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5AC5359-A860-4A50-AA82-D811EBFE4AE4", versionEndExcluding: "12.0.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Un desbordamiento del búfer en Supsystem en Intel (R) DAL anterior a la versión 12.0.35 puede admitir que un usuario privilegiado habilite potencialmente la escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-0170", lastModified: "2024-11-21T04:16:24.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-17T16:29:02.173", references: [ { source: "secure@intel.com", url: "https://support.f5.com/csp/article/K51470205", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K51470205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-17 16:29
Modified
2024-11-21 04:16
Severity ?
Summary
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "722AC9BC-05C1-494F-893E-B9EA542CC31C", versionEndExcluding: "11.8.65", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "276FE844-3291-46A3-8CAA-7B74FEF9CCCD", versionEndExcluding: "11.11.65", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC15E3FB-F0E3-4AE2-8C91-7ED126F1C364", versionEndExcluding: "11.22.65", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CBCA8FAE-0A0E-433A-9F67-6E9F0FF90626", versionEndExcluding: "12.0.35", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F6EB874-BC8C-4A9D-8F1F-1D3AFD0E12A2", versionEndExcluding: "3.1.65", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC8EEE2F-6E61-4BA2-8DE8-B00A552F4DB8", versionEndExcluding: "4.0.15", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.", }, { lang: "es", value: "Vulnerabilidad de error lógico en el subsistema para Intel (R) CSME anterior a la versión 12.0.35, Intel (R) TXE anterior a 3.1.65, 4.0.15, puede permitir que un usuario no autenticado habilite potencialmente el aumento de privilegios mediante un acceso físico.", }, ], id: "CVE-2019-0098", lastModified: "2024-11-21T04:16:13.603", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-17T16:29:01.423", references: [ { source: "secure@intel.com", url: "https://support.f5.com/csp/article/K10522033", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K10522033", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-18 22:15
Modified
2024-11-21 04:16
Severity ?
Summary
Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB1F8A4D-A2DF-44A8-BA4F-8868107C35A0", versionEndExcluding: "12.0.45", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "219FA251-B255-4CCC-9FAE-A36C542160E0", versionEndExcluding: "13.0.10", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6BBE6CE-6551-47F9-970D-9C85128EBCDC", versionEndExcluding: "14.0.10", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.", }, { lang: "es", value: "Una comprobación de entrada insuficiente en el subsistema para Intel® CSME versiones anteriores a 12.0.45,13.0.10 y 14.0.10, puede permitir a un usuario privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local.", }, ], id: "CVE-2019-0165", lastModified: "2024-11-21T04:16:23.467", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-18T22:15:11.707", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-17 16:29
Modified
2024-11-21 04:16
Severity ?
Summary
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C492D5B7-80F3-4DD4-A792-25A154966D44", versionEndExcluding: "11.8.65", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC86032A-A9A5-430F-95FC-EA1D5AF94019", versionEndExcluding: "11.11.65", versionStartIncluding: "11.10", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F7A7DAE-A8DE-4723-9117-0E683EF1933F", versionEndExcluding: "11.22.65", versionStartIncluding: "11.20", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1373749-02ED-41E6-B664-BF8406E67FD6", versionEndExcluding: "12.0.35", versionStartIncluding: "12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F6EB874-BC8C-4A9D-8F1F-1D3AFD0E12A2", versionEndExcluding: "3.1.65", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2903149E-4328-4BA6-BE5E-DC92C8D64AB0", versionEndIncluding: "4.0.15", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso insuficiente en el programa Dynamic Application Loader para Intel (R) CSME anteriores a las versiones 11.8.65, 11.11.65, 11.22.65, 12.0.35 e Intel (R) TXE 3.1.65, 4.0.15 puede admitir que un usuario sin privilegios para habilitar potencialmente la escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2019-0086", lastModified: "2024-11-21T04:16:12.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-17T16:29:00.797", references: [ { source: "secure@intel.com", url: "https://danishcyberdefence.dk/blog/dal", }, { source: "secure@intel.com", url: "https://support.f5.com/csp/article/K35815741", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://danishcyberdefence.dk/blog/dal", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K35815741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2019-14598
Vulnerability from cvelistv5
Published
2020-02-13 18:21
Modified
2024-08-05 00:19
Severity ?
EPSS score ?
Summary
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200221-0005/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:41.403Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200221-0005/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10", }, ], }, ], descriptions: [ { lang: "en", value: "Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-24T16:06:03", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200221-0005/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-14598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", }, { name: "https://security.netapp.com/advisory/ntap-20200221-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200221-0005/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-14598", datePublished: "2020-02-13T18:21:27", dateReserved: "2019-08-03T00:00:00", dateUpdated: "2024-08-05T00:19:41.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3643
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 23:56
Severity ?
EPSS score ?
Summary
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0002/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware |
Version: CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.381Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware", vendor: "Intel Corporation", versions: [ { status: "affected", version: "CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-19T19:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3643", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware", version: { version_data: [ { version_value: "CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3643", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-16T23:56:06.333Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3616
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 16:53
Severity ?
EPSS score ?
Summary
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 | x_refsource_MISC | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/106996 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Active Management Technology |
Version: Versions before 12.0.5. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.382Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Versions before 12.0.5.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-25T22:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3616", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Versions before 12.0.5.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", refsource: "BID", url: "http://www.securityfocus.com/bid/106996", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3616", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-16T16:53:35.507Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0170
Vulnerability from cvelistv5
Published
2019-05-17 15:41
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html | x_refsource_MISC | |
| https://support.f5.com/csp/article/K51470205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Dynamic Application Loader (DAL) |
Version: Versions before 12.0.35. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:14.679Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K51470205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Dynamic Application Loader (DAL)", vendor: "n/a", versions: [ { status: "affected", version: "Versions before 12.0.35.", }, ], }, ], descriptions: [ { lang: "en", value: "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-20T16:06:03", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K51470205", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0170", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Dynamic Application Loader (DAL)", version: { version_data: [ { version_value: "Versions before 12.0.35.", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { name: "https://support.f5.com/csp/article/K51470205", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K51470205", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0170", datePublished: "2019-05-17T15:41:38", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:44:14.679Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36392
Vulnerability from cvelistv5
Published
2023-08-11 02:36
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSME |
Version: before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:00:04.315Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", tags: [ "x_transferred", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:intel_and_intel_standard_manageability_in_intel_csme:intel_and_intel_standard_manageability_in_intel_csme:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "intel_and_intel_standard_manageability_in_intel_csme", vendor: "intel_and_intel_standard_manageability_in_intel_csme", versions: [ { lessThan: "11.8.94", status: "affected", version: "0", versionType: "custom", }, { lessThan: "11.12.94", status: "affected", version: "0", versionType: "custom", }, { lessThan: "11.22.94", status: "affected", version: "0", versionType: "custom", }, { lessThan: "12.0.93", status: "affected", version: "0", versionType: "custom", }, { lessThan: "14.1.70", status: "affected", version: "0", versionType: "custom", }, { lessThan: "15.0.45", status: "affected", version: "0", versionType: "custom", }, { lessThan: "16.1.27", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-36392", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-17T14:10:42.676462Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-116", description: "CWE-116 Improper Encoding or Escaping of Output", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-17T14:16:02.976Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27", }, ], }, ], descriptions: [ { lang: "en", value: "Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", }, { cweId: "CWE-20", description: "Improper input validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-24T18:06:15.943Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2022-36392", datePublished: "2023-08-11T02:36:55.653Z", dateReserved: "2022-07-24T03:00:08.597Z", dateUpdated: "2025-02-13T16:32:48.992Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3658
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 22:35
Severity ?
EPSS score ?
Summary
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 | x_refsource_MISC | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/106996 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Active Management Technology |
Version: Versions before 12.0.5. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.323Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Versions before 12.0.5.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-25T22:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3658", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Versions before 12.0.5.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", refsource: "BID", url: "http://www.securityfocus.com/bid/106996", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3658", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-16T22:35:54.845Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0168
Vulnerability from cvelistv5
Published
2019-12-18 21:08
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME, Intel(R) TXE |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:14.648Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Intel(R) TXE", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:08:56", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0168", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Intel(R) TXE", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0168", datePublished: "2019-12-18T21:08:56", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:44:14.648Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12147
Vulnerability from cvelistv5
Published
2019-06-13 15:36
Modified
2024-08-05 08:30
Severity ?
EPSS score ?
Summary
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME Assets Advisory |
Version: before 11.21.55 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:57.475Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME Assets Advisory", vendor: "n/a", versions: [ { status: "affected", version: "before 11.21.55", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-24T15:22:31", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2018-12147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME Assets Advisory", version: { version_data: [ { version_value: "before 11.21.55", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12147", datePublished: "2019-06-13T15:36:24", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-08-05T08:30:57.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0541
Vulnerability from cvelistv5
Published
2020-06-15 13:59
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.246Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:29:38", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0541", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0541", datePublished: "2020-06-15T13:59:31", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.246Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29871
Vulnerability from cvelistv5
Published
2023-08-11 02:36
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME software installer |
Version: before version 2239.3.7.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:33:43.005Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", tags: [ "x_transferred", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:intel_csme_software_installer:intel_csme_software_installer:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "intel_csme_software_installer", vendor: "intel_csme_software_installer", versions: [ { lessThan: "2239.3.7.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-29871", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-17T14:06:56.386725Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-17T14:09:21.753Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) CSME software installer", vendor: "n/a", versions: [ { status: "affected", version: "before version 2239.3.7.0", }, ], }, ], descriptions: [ { lang: "en", value: "Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", }, { cweId: "CWE-284", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-24T18:06:12.629Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2022-29871", datePublished: "2023-08-11T02:36:56.839Z", dateReserved: "2022-06-19T03:00:05.127Z", dateUpdated: "2025-02-13T16:32:40.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12191
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 22:09
Severity ?
EPSS score ?
Summary
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.792Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-04T21:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12191", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12191", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T22:09:10.253Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3659
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-17 02:20
Severity ?
EPSS score ?
Summary
A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Platform Trust Technology (PTT) |
Version: Before version 12.0.5. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.385Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Platform Trust Technology (PTT)", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Before version 12.0.5.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-25T09:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3659", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Platform Trust Technology (PTT)", version: { version_data: [ { version_value: "Before version 12.0.5.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3659", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-17T02:20:51.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11108
Vulnerability from cvelistv5
Published
2019-12-18 21:10
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:08.111Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:10:20", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11108", datePublished: "2019-12-18T21:10:20", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:08.111Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12199
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:58.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-18T06:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12199", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12199", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T23:51:24.944Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0098
Vulnerability from cvelistv5
Published
2019-05-17 15:41
Modified
2024-08-04 17:37
Severity ?
EPSS score ?
Summary
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html | x_refsource_MISC | |
| https://support.f5.com/csp/article/K10522033 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE) |
Version: Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:37:07.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K10522033", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)", vendor: "n/a", versions: [ { status: "affected", version: "Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15.", }, ], }, ], descriptions: [ { lang: "en", value: "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-20T00:06:07", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K10522033", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0098", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)", version: { version_data: [ { version_value: "Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15.", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { name: "https://support.f5.com/csp/article/K10522033", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K10522033", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0098", datePublished: "2019-05-17T15:41:38", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:37:07.822Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12185
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 22:25
Severity ?
EPSS score ?
Summary
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.401Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-18T06:06:07", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12185", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12185", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T22:25:36.918Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38102
Vulnerability from cvelistv5
Published
2023-08-11 02:36
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Converged Security and Management Engine |
Version: before versions 15.0.45, and 16.1.27 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:45:52.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", tags: [ "x_transferred", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38102", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-02T13:58:08.283746Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-02T14:04:14.898Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) Converged Security and Management Engine", vendor: "n/a", versions: [ { status: "affected", version: "before versions 15.0.45, and 16.1.27", }, ], }, ], descriptions: [ { lang: "en", value: "Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", }, { cweId: "CWE-20", description: "Improper Input validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-24T18:06:14.244Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html", }, { url: "https://security.netapp.com/advisory/ntap-20230824-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2022-38102", datePublished: "2023-08-11T02:36:56.232Z", dateReserved: "2022-08-19T03:00:38.763Z", dateUpdated: "2025-02-13T16:32:58.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0536
Vulnerability from cvelistv5
Published
2020-06-15 14:00
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.338Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:44:22", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0536", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0536", datePublished: "2020-06-15T14:00:25", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.338Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0153
Vulnerability from cvelistv5
Published
2019-05-17 15:41
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html | x_refsource_MISC | |
| https://support.f5.com/csp/article/K71265658 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Converged Security & Management Engine (CSME) |
Version: Versions before 12.0.35. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:14.769Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K71265658", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Converged Security & Management Engine (CSME)", vendor: "n/a", versions: [ { status: "affected", version: "Versions before 12.0.35.", }, ], }, ], descriptions: [ { lang: "en", value: "Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-20T00:06:07", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K71265658", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0153", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Converged Security & Management Engine (CSME)", version: { version_data: [ { version_value: "Versions before 12.0.35.", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { name: "https://support.f5.com/csp/article/K71265658", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K71265658", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0153", datePublished: "2019-05-17T15:41:38", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:44:14.769Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12188
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-17 02:06
Severity ?
EPSS score ?
Summary
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-18T06:06:07", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12188", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12188", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-17T02:06:05.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11104
Vulnerability from cvelistv5
Published
2019-12-18 21:08
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:07.456Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:08:17", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11104", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11104", datePublished: "2019-12-18T21:08:17", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:07.456Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12208
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-17 00:16
Severity ?
EPSS score ?
Summary
Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.094Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-04T21:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12208", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12208", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-17T00:16:21.349Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12196
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 17:04
Severity ?
EPSS score ?
Summary
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.801Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-18T06:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12196", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12196", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T17:04:17.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3657
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-16 20:01
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 | x_refsource_MISC | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/106996 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Active Management Technology |
Version: Versions before version 12.0.5. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.304Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Versions before version 12.0.5.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-25T22:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106996", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3657", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Versions before version 12.0.5.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html", }, { name: "106996", refsource: "BID", url: "http://www.securityfocus.com/bid/106996", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3657", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-16T20:01:21.908Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11103
Vulnerability from cvelistv5
Published
2019-12-18 21:08
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.327Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:08:27", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11103", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11103", datePublished: "2019-12-18T21:08:27", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:40:16.327Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11105
Vulnerability from cvelistv5
Published
2019-12-18 21:07
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:08.334Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:07:58", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11105", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11105", datePublished: "2019-12-18T21:07:58", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:08.334Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11106
Vulnerability from cvelistv5
Published
2019-12-18 21:09
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:08.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:09:36", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11106", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11106", datePublished: "2019-12-18T21:09:36", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:08.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0545
Vulnerability from cvelistv5
Published
2020-06-15 14:00
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10321 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf | x_refsource_CONFIRM | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME, Intel(R) TXE, and Intel(R) SPS |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Intel(R) TXE, and Intel(R) SPS", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:46:14", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0545", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Intel(R) TXE, and Intel(R) SPS", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10321", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0545", datePublished: "2020-06-15T14:00:40", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12190
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 17:54
Severity ?
EPSS score ?
Summary
Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-29T19:15:27", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12190", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12190", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T17:54:51.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11087
Vulnerability from cvelistv5
Published
2019-12-18 21:09
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME, Intel(R) TXE |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.318Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Intel(R) TXE", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:09:04", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11087", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Intel(R) TXE", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11087", datePublished: "2019-12-18T21:09:04", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:40:16.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3627
Vulnerability from cvelistv5
Published
2018-07-10 21:00
Modified
2024-08-05 04:50
Severity ?
EPSS score ?
Summary
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190327-0006/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel Converged Security Management Engine (Intel CSME) |
Version: 11.x |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.378Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel Converged Security Management Engine (Intel CSME)", vendor: "Intel Corporation", versions: [ { status: "affected", version: "11.x", }, ], }, ], datePublic: "2018-07-10T00:00:00", descriptions: [ { lang: "en", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-27T18:06:08", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2018-3627", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel Converged Security Management Engine (Intel CSME)", version: { version_data: [ { version_value: "11.x", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3627", datePublished: "2018-07-10T21:00:00", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-08-05T04:50:30.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0542
Vulnerability from cvelistv5
Published
2020-06-15 13:57
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:16:14", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0542", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0542", datePublished: "2020-06-15T13:57:47", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.336Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0086
Vulnerability from cvelistv5
Published
2019-05-17 15:41
Modified
2024-08-04 17:37
Severity ?
EPSS score ?
Summary
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html | x_refsource_MISC | |
| https://support.f5.com/csp/article/K35815741 | x_refsource_CONFIRM | |
| https://danishcyberdefence.dk/blog/dal | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE) |
Version: Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:37:07.698Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K35815741", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://danishcyberdefence.dk/blog/dal", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)", vendor: "n/a", versions: [ { status: "affected", version: "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15.", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-23T21:10:54", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K35815741", }, { tags: [ "x_refsource_MISC", ], url: "https://danishcyberdefence.dk/blog/dal", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0086", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)", version: { version_data: [ { version_value: "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15.", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", }, { name: "https://support.f5.com/csp/article/K35815741", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K35815741", }, { name: "https://danishcyberdefence.dk/blog/dal", refsource: "MISC", url: "https://danishcyberdefence.dk/blog/dal", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0086", datePublished: "2019-05-17T15:41:38", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:37:07.698Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12189
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 18:24
Severity ?
EPSS score ?
Summary
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:59.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-18T06:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12189", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12189", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T18:24:24.087Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11110
Vulnerability from cvelistv5
Published
2019-12-18 21:10
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME, Intel(R) TXE |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:07.449Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Intel(R) TXE", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:10:03", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11110", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Intel(R) TXE", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11110", datePublished: "2019-12-18T21:10:03", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:07.449Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0169
Vulnerability from cvelistv5
Published
2019-12-18 21:07
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) TXE |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:14.755Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) TXE", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-11T11:06:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0169", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) TXE", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0169", datePublished: "2019-12-18T21:07:38", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:44:14.755Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0165
Vulnerability from cvelistv5
Published
2019-12-18 21:08
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:14.681Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:08:44", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-0165", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-0165", datePublished: "2019-12-18T21:08:44", dateReserved: "2018-11-13T00:00:00", dateUpdated: "2024-08-04T17:44:14.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3655
Vulnerability from cvelistv5
Published
2018-09-12 19:00
Modified
2024-09-17 02:41
Severity ?
EPSS score ?
Summary
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20180924-0003/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME before version 11.21.55, Intel(R) Server Platform Services before version 4.0 and Intel(R) Trusted Execution Engine Firmware |
Version: Versions before 11.21.55, 4.0 and 3.1.55. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.609Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME before version 11.21.55, Intel(R) Server Platform Services before version 4.0 and Intel(R) Trusted Execution Engine Firmware", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Versions before 11.21.55, 4.0 and 3.1.55.", }, ], }, ], datePublic: "2018-09-11T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-25T09:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2018-09-11T00:00:00", ID: "CVE-2018-3655", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME before version 11.21.55, Intel(R) Server Platform Services before version 4.0 and Intel(R) Trusted Execution Engine Firmware", version: { version_data: [ { version_value: "Versions before 11.21.55, 4.0 and 3.1.55.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us", }, { name: "https://security.netapp.com/advisory/ntap-20180924-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180924-0003/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3655", datePublished: "2018-09-12T19:00:00Z", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-09-17T02:41:44.716Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0534
Vulnerability from cvelistv5
Published
2020-06-15 13:58
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.301Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:27:19", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0534", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0534", datePublished: "2020-06-15T13:58:41", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.301Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12192
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 18:49
Severity ?
EPSS score ?
Summary
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190318-0001/ | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology |
Version: Multiple versions. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:30:58.444Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", vendor: "Intel Corporation", versions: [ { status: "affected", version: "Multiple versions.", }, ], }, ], datePublic: "2019-03-12T00:00:00", descriptions: [ { lang: "en", value: "Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-04T21:06:06", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", DATE_PUBLIC: "2019-03-12T00:00:00", ID: "CVE-2018-12192", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", version: { version_data: [ { version_value: "Multiple versions.", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", }, { name: "https://security.netapp.com/advisory/ntap-20190318-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190318-0001/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-12192", datePublished: "2019-03-14T20:00:00Z", dateReserved: "2018-06-11T00:00:00", dateUpdated: "2024-09-16T18:49:38.184Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0533
Vulnerability from cvelistv5
Published
2020-06-15 13:58
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:34:51", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0533", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0533", datePublished: "2020-06-15T13:58:52", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.295Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11147
Vulnerability from cvelistv5
Published
2019-12-18 21:07
Modified
2024-08-04 22:48
Severity ?
EPSS score ?
Summary
Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:08.828Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:07:52", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11147", datePublished: "2019-12-18T21:07:52", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:48:08.828Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11101
Vulnerability from cvelistv5
Published
2019-12-18 21:09
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) CSME, Intel(R) TXE |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.376Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) CSME, Intel(R) TXE", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-18T21:09:13", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2019-11101", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) CSME, Intel(R) TXE", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2019-11101", datePublished: "2019-12-18T21:09:13", dateReserved: "2019-04-11T00:00:00", dateUpdated: "2024-08-04T22:40:16.376Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0539
Vulnerability from cvelistv5
Published
2020-06-15 14:01
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200611-0006/ | x_refsource_CONFIRM | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html | x_refsource_MISC | |
| https://support.lenovo.com/de/en/product_security/len-30041 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) AMT and Intel(R) CSME |
Version: See provided reference |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) AMT and Intel(R) CSME", vendor: "n/a", versions: [ { status: "affected", version: "See provided reference", }, ], }, ], descriptions: [ { lang: "en", value: "Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege, Denial of Service, Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T13:53:30", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0539", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) AMT and Intel(R) CSME", version: { version_data: [ { version_value: "See provided reference", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege, Denial of Service, Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://security.netapp.com/advisory/ntap-20200611-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200611-0006/", }, { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html", }, { name: "https://support.lenovo.com/de/en/product_security/len-30041", refsource: "MISC", url: "https://support.lenovo.com/de/en/product_security/len-30041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0539", datePublished: "2020-06-15T14:01:05", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.348Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }