CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27708

The CVE-2025-27708 entry describes an out-of-bounds read in Intel CSME firmware (Ring 0) that may allow information disclosure. A local attacker with privileged user rights and high attack complexity could expose data without user interaction, with confidentiality impact High and no integrity/ava...

Intel Chipset Firmware February 2026 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...

Intel Converged Security and Management Engine（CSME） 缓冲区错误漏洞

The Intel Converged Security and Management Engine CSME is a security management engine developed by Intel Corporation in the United States. The Intel Converged Security and Management Engine Firmware contains a buffer overflow vulnerability, which stems from out-of-bounds reads, potentially...

2026.1 IPU, Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...

PT-2026-7295

Name of the Vulnerable Software and Affected Versions IntelR Converged Security and Management Engine CSME Firmware FW affected versions not specified Description An out-of-bounds read issue exists in the firmware within Ring 0: Kernel, potentially allowing information disclosure. A system softwa...

Intel Chipset Firmware August 2025 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Manageability Engine CSME, Intel® Active Management Technology AMT, and Intel® Standard Manageability, which might allow information disclosure or escalation of privilege. Intel is releasing firmware...

EUVD-2018-15497

Malware in sbrugna...

EUVD-2025-24439

Malicious code in bioql PyPI...

EUVD-2025-24442

Malicious code in bioql PyPI...

Intel Converged Security and Management Engine Competitive Conditions Vulnerability

The Intel Converged Security and Management Engine is Intel's microcontroller embedded in the chipset to provide system management, security and low-power features. A competitive condition vulnerability exists in Intel Converged Security and Management Engine, and no detailed vulnerability detail...

CVE-2025-20037

Time-of-check time-of-use race condition in firmware for some IntelR Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20037

Time-of-check time-of-use race condition in firmware for some IntelR Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

CVE-2025-20037

Time-of-check time-of-use race condition in firmware for some IntelR Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20037

Time-of-check time-of-use race condition in firmware for some IntelR Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20037

Intel’s advisory (INTEL-SA-01280) confirms CVE-2025-20037 as a TOCTOU race condition in firmware affecting CSME, SPS, AMT, and related Intel firmware. The flaw permits a local, privileged escalation (attack vector: local, requires high privileges; UI: none) with high impact on integrity and avail...

PT-2025-32698

Name of the Vulnerable Software and Affected Versions: IntelR CSME and IntelR SPS affected versions not specified Description: An observable timing discrepancy in firmware may allow a privileged user to potentially enable information disclosure via local access. Recommendations: At the moment,...