Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support US

Lenovo Security Advisory: LEN-30041 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0542, CVE-2020-0532, CVE-2020-0538, CVE-2020-0534, CVE-2020-0541, CVE-2020-0533, CVE-2020-0537, CVE-2020-053...

CVE-2020-1963

Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...

[SECURITY] Fedora 32 Update: bubblewrap-0.4.1-1.fc32

Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...

CVE-2019-11090

Cryptographic timing conditions in the subsystem for IntelR PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; IntelR TXE 3.1.70 and 4.0.20; IntelR SPS before versions SPSE504.01.04.305.0, SPSSoC-X04.00.04.108.0, SPSSoC-A04.00.04.191.0, SPSE304.01.04.086.0,...

CVE-2019-11102

Insufficient input validation in IntelR DAL software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2019-0168

Insufficient input validation in the subsystem for IntelR CSME before versions 11.8.70, 12.0.45 and 13.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...

The vulnerability of the driver for the hardware abstraction layer of the MEinfo utility lies in the Microprogramming Software Intel Converged Security and Manageability Engine (CSME), the Microprogramming Software Intel Trusted Execution Engine (TXE), the Intel-SA-00086 Detection Tool, and the INTEL-SA-00125 Detection Tool. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the MEinfo driver for hardware abstraction in Intel Converged Security and Manageability Engine CSME microprogramming software, Intel Trusted Execution Engine TXE microprogramming software, Intel-SA-00086 Detection Tool, and INTEL-SA-00125 Detection Tool is related to...

The vulnerability of the embedded microcontroller’s consumer driver, Intel Management Engine, and the microprogramming software Intel Trusted Execution Engine (TXE), allows a perpetrator to enhance their privileges.

The vulnerability of the embedded microcontroller’s consumer driver, Intel Management Engine for Windows, and Intel Trusted Execution Engine TXE software, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Intel Platform Trust Technology (PTT) platform for storing account data and managing keys, along with the microsoftware Intel Trusted Execution Engine (TXE) and Intel Server Platform Services, arises from the lack of protection for operational data. This allows attackers to gain access to the cryptographic keys stored in the Trusted Platform Module (TPM).

The vulnerability of the Intel Platform Trust Technology-based data storage and key management platform, along with the Intel Trusted Execution Engine software and Intel Server Platform Services, is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow a...

Intel TXE and Intel Converged Security and Management Engine Code Issue Vulnerabilities

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

Intel TXE and Intel Converged Security and Management Engine License Issue Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

Competitive conditions issue vulnerability for multiple Intel products

Intel Server Platform Services SPS, etc. are products of Intel Corporation. Intel Server Platform Services is a server platform service program. Intel TXE is a trust execution engine used in CPUs central processing units with hardware authentication capabilities. Intel Platform Trust Technology P...

Unspecified Vulnerability in Intel TXE and Intel Management Engine Consumer Driver

Intel TXE and Intel Management Engine Consumer Driver are both products of Intel Corporation, USA. Intel TXE is a Trusted Execution Engine with hardware validation for use in CPUs Central Processing Units.Intel Management Engine Consumer Driver is a management engine consumer driver. An unspecifi...

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient session verification, allowing attackers to exploit their privileges.

The vulnerability of the Intel Active Management Technology AMT implementation of the Intel Converged Security and Manageability Engine CSME software is related to insufficient session verification. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) is related to authentication errors, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL are related to authentication errors. Exploiting these vulnerabilities can allow attackers to enhance their...

Intel Converged Security and Management Engine Information Disclosure Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

Intel Converged Security and Management Engine and Intel TXE Buffer Overflow Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

Intel CSME and TXE Input Validation Error Vulnerability

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...