CVE-2019-0093

2019-05-1715:41:38

intel

www.cve.org

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

Insufficient data sanitization vulnerability in HECI subsystem for Intel® CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel® SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.

CNA Affected

[
  {
    "product": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0."
      }
    ]
  }
]