Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory

🗓️ 12 May 2022 00:00:00Reported by Intel Security CenterType 
intel
 intel🔗 www.intel.com👁 58 Views

Intel security advisory for potential vulnerabilities in CSME, SPS, TXE, AM

Related
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of Intel Trusted Execution Engine’s microprogramming software, related to the use of memory after it is freed, allows attackers to enhance their privileges.
19 Nov 202000:00
bdu_fstec
BDU FSTEC		A vulnerability exists in the microprogramming software subsystem of the Intel Converged Security and Manageability Engine (CSME), which allows attackers to enhance their privileges.
19 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the DAL subsystem of the Intel Converged Security and Manageability Engine (CSME) and the Intel Trusted Execution Engine (TXE) software allows a perpetrator to enhance their privileges.
19 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Windows installer of the Intel AMT SDK allows a perpetrator to increase their privileges.
19 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Intel Active Management Technology implementation arises from the possibility of writing operations outside of the buffer in memory, allowing an attacker to exploit their privileges.
19 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of microprogramming software, including the Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Server Platform Services (SPS), is related to deficiencies in access control. This allows attackers to enhance their privileges.
26 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microprogramming Software Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) arises from the implementation of incorrect control flow. This allows attackers to enhance their privileges.
26 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Installer component in Intel Dynamic Application Loader (DAL) software allows a hacker to enhance their privileges.
26 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the IPv6 protocol implementation under Intel Active Management Technology and Intel Standard Manageability allows attackers to enhance their privileges.
26 Nov 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the DHCP subsystem of Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM) allows attackers to disclose protected information.
26 Nov 202000:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
10 Nov 2020 00:00Current
8.4High risk
Vulners AI Score8.4
CVSS 27.5
CVSS 3.19.8
EPSS0.01634
intel converged security and manageability engineserver platform servicestrusted execution engineactive management technologyprivilege escalationdenial of serviceinformation disclosurefirmware updatesvulnerabilitycve-2020-8752out-of-bounds writecvss 9.4 criticalcve-2020-8753out-of-bounds readcvss 8.2 highcve-2020-12297improper access controlcvss 8.2 highcve-2020-12304insufficient control flow managementcvss 7.3 highcve-2020-8745insecure default initializationcvss 7.2 highcve-2020-8744improper initializationcve-2020-8705security advisory
58