Intel Chipset Firmware February 2026 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability, which might allow denial of service or information disclosure. Intel is...

Intel Chipset Firmware August 2025 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Converged Security and Manageability Engine CSME, Intel® Active Management Technology AMT, and Intel® Standard Manageability, which might allow information disclosure or escalation of privilege. Intel is releasing firmware...

CVE-2025-20037

Time-of-check time-of-use race condition in firmware for some IntelR Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

SUSE CVE-2019-11087

Insufficient input validation in the subsystem for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of...

SUSE CVE-2019-11104

Insufficient input validation in MEInfo software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access...

多款Intel产品授权问题漏洞

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

多款Intel产品输入验证错误漏洞

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

Lenovo ThinkPad 输入验证错误漏洞

Lenovo ThinkPad is a portable computer from Lenovo China. An input validation error vulnerability exists in the SMI callback function used in the CSME configuration of some Lenovo laptops and ThinkPad systems, which can be exploited by an attacker to obtain data outside the scope of SMRAM...

CVE-2020-24506

Out of bound read in a subsystem in the IntelR CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access...

The vulnerability of microprogramming software, including Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Server Platform Services (SPS), arises from insecure resource initialization, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software, including Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Server Platform Services SPS, are related to insecure resource initialization. Exploiting these vulnerabilities can allow attackers to...

Vulnerability in the Microprogramming Software of the Intel Converged Security and Manageability Engine (CSME) and the Intel Server Platform Services (SPS) allows attackers to enhance their privileges.

The vulnerability in the Microprogramming Software of the Intel Converged Security and Manageability Engine CSME and the Microprogramming Software of the Intel Server Platform Services SPS is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an...

Multiple vulnerabilities fixed in Intel systems

Intel has fixed several vulnerabilities in Converged Security and Manageability Engine CSME, Server Platform Services SPS, Trusted Execution Engine TXE, Dynamic Application Loader DAL, Active Management Technology AMT and Standard Manageability ISM. Malicious parties can exploit the vulnerabiliti...

The vulnerability of the Intel Dynamic Application Loader (DAL) subsystem of the Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) allows a attacker to trigger a service failure.

The vulnerability of the Intel Dynamic Application Loader DAL subsystem within the Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could...

The vulnerability relates to the implementation of the Intel Converged Security and Manageability Engine, the microsoftware of the Intel Server Platform Services, and the Intel Trusted Execution Engine. It stems from a numerical overflow in data structures, allowing an attacker to trigger a service failure.

The vulnerability of the Intel Converged Security and Manageability Engine, the microsoftware of the Intel Server Platform Services, and the Intel Trusted Execution Engine is related to a count-based overflow in data structures. Exploiting this vulnerability can allow an attacker to trigger a...

The vulnerability of the Intel Converged Security and Manageability Engine implementation arises from the possibility of operations occurring outside the buffer in memory. This allows attackers to escalate their privileges, disclose sensitive information, or cause system failures.

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges, expose sensitive information, or cause service failures...

Intel CSME, TXE and SPS Input Validation Error Vulnerability

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software arises from insufficient validation of input data. This allows attackers to escalate their privileges.

The vulnerability of Intel Converged Security and Manageability Engine CSME exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to a logical error, allows attackers to escalate their privileges and expose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to a logical error. Exploiting this vulnerability can allow attackers to enhance their privileges and expose sensitive information...

Unspecified Vulnerability in Multiple Intel Products

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine.Intel TXE is a Trust Execution Engine TEE with hardware verification in CPU Central Processing Unit.INTEL-SA-00086 Detection...