Intel SPS和Intel CSME 安全漏洞

Intel SPS and Intel CSME are both products of Intel Corporation Intel, U.S.A. Intel SPS is a server platform service. Intel CSME is a converged security management engine. A security vulnerability exists in Intel SPS and Intel CSME that stems from an observable time difference that could lead to...

PT-2025-32695

Name of the Vulnerable Software and Affected Versions: IntelR Converged Security and Management Engine affected versions not specified Description: A time-of-check time-of-use TOCTOU race condition exists in the firmware. This may allow a privileged user to potentially escalate privileges via loc...

A vulnerability in the Microprogramming Software Subsystem of the Intel Converged Security and Manageability Engine (CSME) exists, due to insufficient validation of input data. This allows attackers to trigger a service failure.

The vulnerability in the Intel Converged Security and Manageability Engine CSME microprogramming system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to trigger a service failure...

PT-2024-8890 · Intel · Intel Csme

Name of the Vulnerable Software and Affected Versions: IntelR CSME affected versions not specified Description: The issue is related to improper initialization in the firmware of some IntelR CSME, which may allow a privileged user to potentially enable information disclosure via local access. Thi...

SUSE CVE-2019-11101

Insufficient input validation in the subsystem for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...

多款Intel产品代码问题漏洞

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

多款Intel产品授权问题漏洞

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

CVE-2020-8756

Improper input validation in subsystem for IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to authentication deficiencies, allows attackers to escalate their privileges, cause service failures, or disclose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to authentication deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges, cause service failures, or expose sensitive information...

CVE-2019-11104

Insufficient input validation in MEInfo software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access...

The vulnerability of the driver for the hardware abstraction layer of the MEinfo utility lies in the Microprogramming Software Intel Converged Security and Manageability Engine (CSME), the Microprogramming Software Intel Trusted Execution Engine (TXE), the Intel-SA-00086 Detection Tool, and the INTEL-SA-00125 Detection Tool. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the MEinfo driver for hardware abstraction in Intel Converged Security and Manageability Engine CSME microprogramming software, Intel Trusted Execution Engine TXE microprogramming software, Intel-SA-00086 Detection Tool, and INTEL-SA-00125 Detection Tool is related to...

The vulnerability of the HECI subsystem of the microprogramming software, Intel Converged Security and Manageability Engine, Intel Trusted Execution Engine, and Intel Server Platform Services allows a perpetrator to execute arbitrary code.

The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Server Platform Services SPS, is related to the execution of operations outside of the buffer in memory. Exploitation of this vulnerabili...

Intel Converged Security Manageability Engine Active Management Technology Buffer Overflow Vulnerability

The Intel Converged Security Manageability Engine is a security management engine for use in CPUs Central Processing Units from Intel Corporation in the U.S. Active Management Technology AMT is one of the active management components. A buffer overflow vulnerability exists in the event handler of...