K10522033 : Intel CSME and TXE vulnerability CVE-2019-0098

Security Advisory Description

Logic bug vulnerability in subsystem for Intel® CSME before version 12.0.35, Intel® TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. (CVE-2019-0098)

Impact

An attacker with physical access to the system can exploit this vulnerability with Converged Security and Management Engine (CSME) and Trusted Execution Engine (TXE) to escalate their privileges.