CVE-2020-12303

🗓️ 12 Nov 2020 18:07:22Reported by intelType

Use after free vulnerability in Intel(R) CSME and TX

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the DAL subsystem of the Intel Converged Security and Manageability Engine (CSME) and the Intel Trusted Execution Engine (TXE) software allows a perpetrator to enhance their privileges.	19 Nov 202000:00	–	bdu_fstec
CVE	CVE-2020-12303	12 Nov 202018:07	–	cve
EUVD	EUVD-2020-4615	7 Oct 202500:30	–	euvd
F5 Networks	K43877335: Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303	21 Feb 202318:32	–	f5
Hewlett-Packard	HPSBHF03703 rev. 4 - Intel® 2020.2 IPU - CSME, SPS, TXE, AMT, and DAL Security Update	9 Nov 202000:00	–	hp
Intel	2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory	12 May 202200:00	–	intel
Tenable Nessus	Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check)	20 Nov 202000:00	–	nessus
Tenable Nessus	Intel Converged Security Management Engine (CSME) Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391)	20 Nov 202000:00	–	nessus
NCSC	Multiple vulnerabilities fixed in Intel systems	13 Nov 202000:00	–	ncsc
NVD	CVE-2020-12303	12 Nov 202018:15	–	nvd

[
  {
    "product": "Intel(R) CSME, Intel(R) TXE",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30"
      }
    ]
  }
]

Source	Link
intel	www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
security	www.security.netapp.com/advisory/ntap-20201113-0005/
security	www.security.netapp.com/advisory/ntap-20201113-0002/

13 Nov 2020 09:06Current

8.1High risk

Vulners AI Score8.1

EPSS0.00364