Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hpHP Product Security Response TeamHP:C06962103
HistoryNov 09, 2020 - 12:00 a.m.

HPSBHF03703 rev. 4 - Intel® 2020.2 IPU - CSME, SPS, TXE, AMT, and DAL Security Update

2020-11-0900:00:00
HP Product Security Response Team
support.hp.com
63

0.003 Low

EPSS

Percentile

68.7%

JSON

Potential Security Impact

Escalation of Privilege, Denial of Service, Information Disclosure

Source: HP, HP Product Security Response Team (PSRT)

Reported By: Intel

VULNERABILITY SUMMARY

Intel has informed HP of potential security vulnerabilities identified in Intel® Converged Security and Manageability Engine (CSME), Server Platform Services (SPS), Intel® Trusted Execution Engine (TXE), Intel® Dynamic Application Loader (DAL), Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) and Intel® Dynamic Application Loader (Intel® DAL) that may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities.

Intel is not releasing updates to mitigate a potential vulnerability and has issued a Product Discontinuation Notice for Intel® DAL SDK.

RESOLUTION

Intel has released updates to mitigate the potential vulnerabilities. HP has identified the affected platforms and the corresponding SoftPaq updated versions. See the affected platforms listed below. Newer versions may become available and the minimum versions listed below may become obsolete. If a SoftPaq Link becomes invalid, check the HP Customer Support - Software and Driver Downloads site to obtain the latest update for your product model.

HP recommends keeping your system up to date with the latest firmware and software.

> note:
>
> This bulletin may be updated when new information and/or SoftPaqs are available. Sign up for HP Subscriptions to be notified and receive:
>
> * Product support eAlerts
> * Driver updates
> * Security Bulletin updates

Pending: SoftPaq is in progress.

Under investigation: System under investigation for impact, or SoftPaq under investigation for feasibility/availability.

**Not available:**SoftPaq not available due to technical or logistical constraints.

**Check support page:**The listed SoftPaq has been removed from downloaded site. SoftPaqs with newer versions may be available on the HP Customer Support - Software and Driver Downloads site.

Related

nessus 4
intel 1
f5 6
prion 22
cve 22
ics 2
cert 1
threatpost 1
nessus
nessus
Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check)
2020-11-20 00:00:00
Intel Converged Security Management Engine (CSME) Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391)
2020-11-20 00:00:00
Siemens SIMATIC S7-1500 Improper Initialization (CVE-2020-8744)
2022-11-07 00:00:00
intel
intel
2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory
2022-05-12 00:00:00
f5
f5
K23033557 : Intel software vulnerabilities CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753
2020-11-26 00:00:00
K45573415 : Intel software vulnerabilities CVE-2020-12297, CVE-2020-12304, CVE-2020-12354
2020-11-26 00:00:00
K35925420 : Intel software vulnerabilities CVE-2020-8754, CVE-2020-8757, CVE-2020-8760, CVE-2020-12356
2020-11-26 00:00:00
prion
prion
Default credentials
2020-11-12 18:15:00
Improper access control
2020-11-12 18:15:00
Design/Logic Flaw
2020-11-12 18:15:00
cve
cve
CVE-2020-12355
2020-11-12 18:15:00
CVE-2020-12304
2020-11-12 18:15:00
CVE-2020-12297
2020-11-12 18:15:00
ics
ics
Siemens SIMATIC S7-1500
2021-05-11 12:00:00
Siemens Industrial PCs and CNC devices (Update A)
2022-12-15 12:00:00
cert
cert
Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
2020-11-10 00:00:00
threatpost
threatpost
Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs
2020-11-10 20:59:04

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for HP:C06962103
nessus4intel1f56prion22cve22ics2cert1threatpost1