Input validation

2019-03-1420:29:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Insufficient input validation in Intel® AMT in Intel® CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

CPENameOperatorVersion
converged_security_management_engine_firmwarege11.0
converged_security_management_engine_firmwarelt11.8.60
converged_security_management_engine_firmwarege11.10
converged_security_management_engine_firmwarelt11.11.60
converged_security_management_engine_firmwarege11.20
converged_security_management_engine_firmwarelt11.22.60
converged_security_management_engine_firmwarege12.0.0
converged_security_management_engine_firmwarelt12.0.20

Name	Operator	Version
converged_security_management_engine_firmware	ge	11.0
converged_security_management_engine_firmware	lt	11.8.60
converged_security_management_engine_firmware	ge	11.10
converged_security_management_engine_firmware	lt	11.11.60
converged_security_management_engine_firmware	ge	11.20
converged_security_management_engine_firmware	lt	11.22.60
converged_security_management_engine_firmware	ge	12.0.0
converged_security_management_engine_firmware	lt	12.0.20