Lucene search
K

71 matches found

bdu_fstec
bdu_fstec
added 2020/11/19 12:0 a.m.7 views

The vulnerability of the DAL subsystem of the Intel Converged Security and Manageability Engine (CSME) and the Intel Trusted Execution Engine (TXE) software allows a perpetrator to enhance their privileges.

The vulnerability of the DAL subsystem of the Intel Converged Security and Manageability Engine CSME and the Intel Trusted Execution Engine TXE is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7CVSS7.2AI score0.00364EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2020/09/29 12:0 a.m.8 views

The vulnerability of the Intel Converged Security and Manageability Engine implementation arises from insufficient validation of input data, allowing a perpetrator to trigger a service failure.

The vulnerability of the Intel Converged Security and Manageability Engine implementation exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS7.3AI score0.01864EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2020/09/29 12:0 a.m.6 views

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in the insufficient calculation of the password hash. This allows attackers to escalate their privileges, disclose sensitive information, or cause service failures.

The vulnerability of the Intel Converged Security and Manageability Engine implementation is related to insufficient calculation of the password hash. Exploiting this vulnerability can allow attackers to enhance their privileges, disclose protected information, or cause service failures...

7.5CVSS6.9AI score0.00239EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2020/09/29 12:0 a.m.6 views

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in the writing beyond the buffer boundaries of memory, which allows attackers to enhance their privileges.

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in the writing of data beyond the buffer boundaries of memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.8CVSS7.1AI score0.00388EPSS
Exploits0References3Affected Software1
ncsc
ncsc
added 2020/06/10 12:0 a.m.8 views

Vulnerabilities fixed in Intel products

Intel has fixed vulnerabilities in Intel Converged Security and Manageability Engine CSME, Intel Server Platform Services SPS, Intel Trusted Execution Engine TXE, Intel Active Management Technology AMT, Intel Standard Manageability ISM and Intel Dynamic Application Loader DAL. The above products...

9.8CVSS6.7AI score0.03536EPSS
Exploits0
osv
osv
added 2020/06/09 8:15 p.m.2 views

CVE-2020-8336

Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash...

6.8CVSS6.9AI score
Exploits0References1
hp
hp
added 2020/06/05 12:0 a.m.62 views

HPSBHF03667 rev. 2 - Intel® 2020.1 IPU - CSME, SPS, TXT, AMT and DAL Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of potential security vulnerabilities in the Intel® Converged Security and...

8.4CVSS1.4AI score0.0231EPSS
Exploits0
lenovo
lenovo
added 2020/06/04 8:27 p.m.208 views

Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support US

Lenovo Security Advisory: LEN-30041 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0542, CVE-2020-0532, CVE-2020-0538, CVE-2020-0534, CVE-2020-0541, CVE-2020-0533, CVE-2020-0537, CVE-2020-053...

7.5CVSS0.7AI score0.18564EPSS
Exploits3
lenovo
lenovo
added 2020/06/04 8:27 p.m.44 views

Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support US

No description provided...

7.8CVSS6.1AI score0.00396EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2020/01/20 12:0 a.m.6 views

The vulnerability of Intel Converged Security and Manageability Engine (CSME) software, which stems from insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of Intel Converged Security and Manageability Engine CSME lies in insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

2.3CVSS6.9AI score0.00353EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2019/12/13 12:0 a.m.8 views

The vulnerability of the MEinfo utility in Intel’s Converged Security and Manageability Engine (CSME) and Intel’s Trusted Execution Engine (TXE) allows a attacker to enhance their privileges.

The vulnerability of the MEinfo utility in Intel’s Converged Security and Manageability Engine CSME and Intel’s Trusted Execution Engine TXE software exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.3CVSS7.4AI score0.00355EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/12/13 12:0 a.m.9 views

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software arises from insufficient validation of input data. This allows attackers to escalate their privileges.

The vulnerability of Intel Converged Security and Manageability Engine CSME exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.3CVSS7.3AI score0.00355EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

6.2CVSS6.5AI score0.00349EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Intel Converged Security and Manageability Engine (CSME) software, which stems from insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to trigger a service failure...

4.6CVSS6.5AI score0.00309EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

4.6CVSS6.5AI score0.00346EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) is related to authentication errors, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL are related to authentication errors. Exploiting these vulnerabilities can allow attackers to enhance their...

4.1CVSS7AI score0.00366EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/05/31 12:0 a.m.9 views

Vulnerability in the subsystems of Microprogramming Software: Intel Converged Security and Manageability Engine, Intel Server Platform Services, and Intel Trusted Execution Engine (TXE). This vulnerability is related to lack of access control, allowing attackers to enhance their privileges.

The vulnerability in the microprogramming system components of the Intel Converged Security and Manageability Engine, Intel Server Platform Services, and Intel Trusted Execution Engine TXE is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance thei...

7.1CVSS7.8AI score0.00362EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2019/05/31 12:0 a.m.6 views

Vulnerability in the Intel Converged Security and Manageability Engine microprogramming subsystem, related to buffer overflow attacks, allows attackers to escalate their privileges.

The vulnerability in the Intel Converged Security and Manageability Engine CSME microprogramming subsystem is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

9CVSS8.1AI score0.01864EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2019/03/29 12:0 a.m.5 views

The vulnerabilities of Intel Converged Security and Manageability Engine and Trusted Execution Engine implementations allow attackers to gain access to protected information due to insufficient validation of input data.

The vulnerability of Intel Converged Security and Manageability Engine and Trusted Execution Engine implementations is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain access to protected information...

6.8CVSS5.8AI score0.00336EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/03/29 12:0 a.m.4 views

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in insufficient validation of input data, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Intel Converged Security and Manageability Engine implementation is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

6.7CVSS7.1AI score0.00424EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder