13 matches found
CVE-2018-12147
Insufficient input validation in HECI subsystem in IntelR CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access...
EUVD-2021-2679
Malware in sbrugna...
CVE-2021-0060
Insufficient compartmentalization in HECI subsystem for the IntelR SPS before versions SPSE504.01.04.516.0, SPSE504.04.04.033.0, SPSE504.04.03.281.0, SPSE503.01.03.116.0, SPSE305.01.04.309.0, SPS02.04.00.101.0, SPSSoC-A05.00.03.114.0, SPSSoC-X04.00.04.326.0, SPSSoC-X03.00.03.117.0,...
CVE-2021-0060
CVE-2021-0060 affects Intel Chipset Firmware’s Server Platform Services (SPS) HECI, where insufficient compartmentalization could let an authenticated user escalate privileges with physical access. Affected products include Intel SPS firmwares, before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04....
CVE-2021-0060
Insufficient compartmentalization in HECI subsystem for the IntelR SPS before versions SPSE504.01.04.516.0, SPSE504.04.04.033.0, SPSE504.04.03.281.0, SPSE503.01.03.116.0, SPSE305.01.04.309.0, SPS02.04.00.101.0, SPSSoC-A05.00.03.114.0, SPSSoC-X04.00.04.326.0, SPSSoC-X03.00.03.117.0,...
The vulnerability of the HECI subsystem of the microprogramming software Intel Converged Security and Manageability Engine and Intel Server Platform Services allows attackers to disclose protected information.
The vulnerability of the HECI microprogramming software’s subsystem, including Intel Converged Security and Manageability Engine and Intel Server Platform Services, is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to disclose sensitive...
Intel Converged Security and Management Engine and Intel Server Platform Services HECI Subsystem Information Disclosure Vulnerability
The Intel Converged Security and Management Engine CSME and Intel Server Platform Services SPS are both products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine. Intel Converged Security and Management Engine CSME and Intel Server Platform...
CVE-2019-0093
Insufficient data sanitization vulnerability in HECI subsystem for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR SPS before version SPSE305.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2019-0093
Insufficient data sanitization vulnerability in HECI subsystem for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR SPS before version SPSE305.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2019-0093
CVE-2019-0093 is an information-disclosure vulnerability in Intel® CSME/HECI and Intel® SPS. The issue is caused by insufficient data sanitization in the HECI subsystem and affects Intel® CSME before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel® SPS before SPS_E3_05.00.04.027.0, potentially all...
CVE-2018-12198
Insufficient input validation in IntelR Server Platform Services HECI subsystem before version SPSE504.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access...
CVE-2018-12198
Insufficient input validation in IntelR Server Platform Services HECI subsystem before version SPSE504.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access...
CVE-2018-12198
Insufficient input validation in IntelR Server Platform Services HECI subsystem before version SPSE504.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access...