Intel CSME Vulnerability - Lenovo Support US

2020-02-08T22:30:25
ID LENOVO:PS500307-INTEL-CSME-VULNERABILITY-NOSID
Type lenovo
Reporter Lenovo
Modified 2021-04-05T16:07:00

Description

Lenovo Security Advisory: LEN-30525

Potential Impact: Privilege escalation, denial of service, information disclosure

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2019-14598

Summary Description:

Intel reported a potential security vulnerability in CSME subsystem may allow escalation of privilege, denial of service, and information disclosure.

Mitigation Strategy for Customers (what you should do to protect yourself):

Intel recommends updating to Intel® CSME versions 12.0.49, 13.0.21, and 14.0.11 or later. Intel recommends IOT customers using Intel® CSME version 12.0.55 to update to 12.0.56 or
later.