Insufficient data sanitization vulnerability in HECI subsystem for Intel® CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel® SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.
[
{
"product": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0."
}
]
}
]