Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities - US

Lenovo Security Advisory: LEN-25083

Potential Impact: Privilege escalation, denial of service, information disclosure

Severity: High

Scope of Impact: Industry-wideF

CVE Identifier: CVE-2018-12188, CVE-2018-12189, CVE-2018-12190, CVE-2018-12191, CVE-2018-12192, CVE-2018-12199, CVE-2018-12198, CVE-2018-12200, CVE-2018-12187, CVE-2018-12196, CVE-2018-12185

Summary Description:

Multiple potential security vulnerabilities in Intel CSME, Server Platform Services, Trusted Execution Engine, and Intel Active Management Technology may allow users to potentially escalate privileges, disclose information, or cause a denial of service.

Mitigation Strategy for Customers (what you should do to protect yourself):

Intel recommends upgrading to the Intel CSME, Server Platform Services, Trusted Execution Engine, and Intel Active Management Technology version (or newer) indicated for your model in the Product Impact section below.

Product Impact: