Lucene search
K

84 matches found

OSV
OSV
added 2020/06/15 2:15 p.m.2 views

CVE-2020-0536

Improper input validation in the DAL subsystem for IntelR CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and IntelR TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access...

7.5CVSS7.2AI score0.017EPSS
Exploits0References3
CNVD
CNVD
added 2020/06/11 12:0 a.m.3 views

Intel TXE and CSME Path Traversal Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

5.5CVSS7AI score0.0035EPSS
Exploits0References1
NCSC
NCSC
added 2020/06/10 12:0 a.m.8 views

Vulnerabilities fixed in Intel products

Intel has fixed vulnerabilities in Intel Converged Security and Manageability Engine CSME, Intel Server Platform Services SPS, Intel Trusted Execution Engine TXE, Intel Active Management Technology AMT, Intel Standard Manageability ISM and Intel Dynamic Application Loader DAL. The above products...

9.8CVSS6.7AI score0.03536EPSS
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2020/06/05 12:0 a.m.62 views

HPSBHF03667 rev. 2 - Intel® 2020.1 IPU - CSME, SPS, TXT, AMT and DAL Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure. Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY HP has been notified by Intel of potential security vulnerabilities in the Intel® Converged Security and...

8.4CVSS1.4AI score0.0231EPSS
Exploits0
Lenovo
Lenovo
added 2020/06/04 8:27 p.m.208 views

Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support US

Lenovo Security Advisory: LEN-30041 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0542, CVE-2020-0532, CVE-2020-0538, CVE-2020-0534, CVE-2020-0541, CVE-2020-0533, CVE-2020-0537, CVE-2020-053...

7.5CVSS0.7AI score0.18564EPSS
Exploits3
Lenovo
Lenovo
added 2020/06/04 8:27 p.m.44 views

Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support US

No description provided...

7.8CVSS6.1AI score0.00396EPSS
Exploits0
OSV
OSV
added 2019/12/18 10:15 p.m.3 views

CVE-2019-11102

Insufficient input validation in IntelR DAL software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...

4.4CVSS6.6AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2019/12/18 10:15 p.m.2 views

CVE-2019-11090

Cryptographic timing conditions in the subsystem for IntelR PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; IntelR TXE 3.1.70 and 4.0.20; IntelR SPS before versions SPSE504.01.04.305.0, SPSSoC-X04.00.04.108.0, SPSSoC-A04.00.04.191.0, SPSE304.01.04.086.0,...

5.9CVSS7AI score0.02342EPSS
Exploits0References1
OSV
OSV
added 2019/12/18 10:15 p.m.3 views

CVE-2019-0168

Insufficient input validation in the subsystem for IntelR CSME before versions 11.8.70, 12.0.45 and 13.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...

4.4CVSS5.8AI score0.00346EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.8 views

The vulnerability of the Intel Platform Trust Technology (PTT) platform for storing account data and managing keys, along with the microsoftware Intel Trusted Execution Engine (TXE) and Intel Server Platform Services, arises from the lack of protection for operational data. This allows attackers to gain access to the cryptographic keys stored in the Trusted Platform Module (TPM).

The vulnerability of the Intel Platform Trust Technology-based data storage and key management platform, along with the Intel Trusted Execution Engine software and Intel Server Platform Services, is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow a...

6.8CVSS7.2AI score0.02342EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.10 views

The vulnerability of the embedded microcontroller’s consumer driver, Intel Management Engine, and the microprogramming software Intel Trusted Execution Engine (TXE), allows a perpetrator to enhance their privileges.

The vulnerability of the embedded microcontroller’s consumer driver, Intel Management Engine for Windows, and Intel Trusted Execution Engine TXE software, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.3CVSS7.4AI score0.0031EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.6 views

The vulnerability of the driver for the hardware abstraction layer of the MEinfo utility lies in the Microprogramming Software Intel Converged Security and Manageability Engine (CSME), the Microprogramming Software Intel Trusted Execution Engine (TXE), the Intel-SA-00086 Detection Tool, and the INTEL-SA-00125 Detection Tool. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the MEinfo driver for hardware abstraction in Intel Converged Security and Manageability Engine CSME microprogramming software, Intel Trusted Execution Engine TXE microprogramming software, Intel-SA-00086 Detection Tool, and INTEL-SA-00125 Detection Tool is related to...

8.2CVSS7.4AI score0.00377EPSS
Exploits0References2Affected Software4
CNVD
CNVD
added 2019/12/06 12:0 a.m.5 views

Intel TXE and Intel Converged Security and Management Engine Code Issue Vulnerabilities

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

6.7CVSS7.3AI score0.00335EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/05 12:0 a.m.2 views

Unspecified Vulnerability in Intel TXE and Intel Management Engine Consumer Driver

Intel TXE and Intel Management Engine Consumer Driver are both products of Intel Corporation, USA. Intel TXE is a Trusted Execution Engine with hardware validation for use in CPUs Central Processing Units.Intel Management Engine Consumer Driver is a management engine consumer driver. An unspecifi...

7.8CVSS7.1AI score0.0031EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose...

4.1CVSS6.5AI score0.00346EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.7 views

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient session verification, allowing attackers to exploit their privileges.

The vulnerability of the Intel Active Management Technology AMT implementation of the Intel Converged Security and Manageability Engine CSME software is related to insufficient session verification. Exploiting this vulnerability can allow attackers to enhance their privileges...

4.6CVSS6.9AI score0.00335EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) is related to authentication errors, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL are related to authentication errors. Exploiting these vulnerabilities can allow attackers to enhance their...

4.1CVSS7AI score0.00366EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.6 views

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

6.2CVSS6.5AI score0.00349EPSS
Exploits0References2Affected Software2
Lenovo
Lenovo
added 2019/11/04 4:25 p.m.7 views

Intel CSME, Server Platform Services, Trusted Execution Engine, Intel Active Management Technology and Dynamic Application Loader Vulnerabilities - Lenovo Support US

No description provided...

6.1AI score
Exploits0
Lenovo
Lenovo
added 2019/11/04 4:25 p.m.174 views

Intel CSME, Server Platform Services, Trusted Execution Engine, Intel Active Management Technology and Dynamic Application Loader Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-27716 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0131, CVE-2019-0165, CVE-2019-0166, CVE-2019-0168, CVE-2019-0169, CVE-2019-11086, CVE-2019-11087,...

7.5CVSS2.6AI score0.02342EPSS
Exploits0
Rows per page
Query Builder