Lucene search
K

84 matches found

ThreatPost
ThreatPost
added 2019/03/15 7:30 p.m.162 views

Lenovo Patches Intel Firmware Flaws in Multiple Product Lines

Lenovo has patched several several high-severity vulnerabilities tied to Intel flaws that could enable escalation of privilege, information disclosure, or even denial of service. Overall the device maker patched flaws tied to 16 high-severity CVEs on Thursday. Those include five related to Intel...

7.2CVSS7.4AI score0.01113EPSS
Exploits0References15
Lenovo
Lenovo
added 2019/03/14 2:33 p.m.5 views

Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities - Lenovo Support US

No description provided...

7.6CVSS5.4AI score0.01113EPSS
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2019/03/12 12:0 a.m.49 views

HPSBHF03607 rev. 3 - Intel CSME, Trusted Execution Engine (TXE), Active Management Technology (AMT) Security Updates

Potential Security Impact Escalation of Privilege, Denial of Service, Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Intel® CSME, Server Platform Services, Trusted...

8.2CVSS1.8AI score0.01113EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/10/05 12:0 a.m.6 views

The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE), arises due to privilege management errors, allowing attackers to disclose or modify protected information.

The vulnerabilities of Intel CSME, Intel SPS, and Intel TXE are caused by privilege management errors. Exploiting these vulnerabilities can allow attackers to disclose or modify protected information...

7.3CVSS5.5AI score0.00433EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2018/09/12 7:29 p.m.4 views

CVE-2018-3659

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access...

6.8CVSS5.7AI score0.00423EPSS
Exploits0References2
NVD
NVD
added 2018/09/12 7:29 p.m.29 views

CVE-2018-3655

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

7.3CVSS7AI score0.00433EPSS
Exploits0References3
OSV
OSV
added 2018/09/12 7:29 p.m.3 views

CVE-2018-3655

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

7.3CVSS5.8AI score0.00433EPSS
Exploits0References3
Prion
Prion
added 2018/09/12 7:29 p.m.25 views

Design/Logic Flaw

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

3.6CVSS6.9AI score0.00433EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2018/09/12 7:0 p.m.54 views

CVE-2018-3655

The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...

7.3CVSS6.4AI score0.00433EPSS
Exploits0References3Affected Software1
Lenovo
Lenovo
added 2018/07/25 11:19 a.m.748 views

Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - US

Lenovo Security Advisory: LEN-17297 Potential Impact: An attacker could load and execute arbitrary code outside the visibility of the user, operating system, and hypervisor/virtualization platform; resulting in exfiltration of secrets, subtle manipulation of system operation, or denial of service...

9CVSS8.2AI score0.04407EPSS
Exploits0
Intel
Intel
added 2018/02/07 12:0 a.m.62 views

Intel Q3’17 ME 6.x/7.x/8.x/9.x/10.x/11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update

Summary: In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine ME, Intel® Server Platform Services SPS, and Intel® Trusted Execution Engine TXE with the objective of enhancing firmware resilience. As...

9CVSS7.6AI score0.04407EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/12/07 12:0 a.m.7 views

Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microcontrollers, which allow attackers to enhance their privileges

The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. These vulnerabilities are related to deficiencies in access control. Exploitation ...

7.5CVSS7.8AI score0.00609EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/05 12:0 a.m.7 views

Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microprogramming devices, which allow unauthorized code to be executed

The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. Exploitation of these vulnerabilities could allow an attacker to execute unsigned...

8.2CVSS8AI score0.00649EPSS
Exploits0References6Affected Software1
CNVD
CNVD
added 2017/11/22 12:0 a.m.4 views

Multiple Local Elevation of Privilege Vulnerabilities in Intel Trusted Execution Engine

Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local elevation of privilege vulnerabilities. An attacker could exploit this vulnerability to access privileged content...

7.8CVSS7.3AI score0.00609EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/22 12:0 a.m.6 views

Multiple Local Buffer Overflow Vulnerabilities in Intel Trusted Execution Engine

Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local buffer overflow vulnerabilities. The vulnerabilities could be exploited by an attacker with local access rights to execute arbitrary code...

7.8CVSS8AI score0.00649EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/11/21 3:3 p.m.34 views

Intel Patches CPU Bugs Impacting Millions of Devices

Intel released patches on Monday to protect millions of PCs and servers from vulnerabilities found in its Management Engine, Trusted Execution Engine and Server Platform Services that could allow local attackers elevate privileges, run arbitrary code, crash systems and eavesdrop on communications...

9CVSS2.2AI score0.04407EPSS
Exploits0References15
Prion
Prion
added 2017/11/21 2:29 p.m.17 views

Buffer overflow

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

7.2CVSS7.7AI score0.00649EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2017/11/21 2:29 p.m.22 views

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

7.8CVSS7AI score0.00609EPSS
Exploits0References6
OSV
OSV
added 2017/11/21 2:29 p.m.2 views

CVE-2017-5707

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

7.8CVSS6.3AI score0.00649EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/11/21 2:29 p.m.24 views

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

7.8CVSS7.3AI score0.00609EPSS
Exploits0References2
Rows per page
Query Builder