Lucene search
+L

318 matches found

CVE
CVE
added 2024/11/12 5:15 p.m.66 views

CVE-2024-21939

CVE-2024-21939 concerns the AMD Cloud Manageability Service (ACMS). The connected AMD advisory documents indicate the issue stems from incorrect default ACL permissions in the ACMS Software installation directory, enabling a low-privileged local attacker to escalate privileges and potentially exe...

7.3CVSS8AI score0.0023EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.7 views

AMD Cloud Manageability Service 安全漏洞

AMD Cloud Manageability Service is a software product within the AMD Manageability solution from UltraMicroelectronics AMD that enables IT administrators to manage AMD devices that are not on the corporate network. AMD Cloud Manageability Service has a security vulnerability that stems from...

7.3CVSS7.5AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.9 views

PT-2024-19122 · Amd · Amd Cloud Manageability Service

Name of the Vulnerable Software and Affected Versions: AMD Cloud Manageability Service ACMS Software affected versions not specified Description: The issue is related to incorrect default permissions in the installation directory of the AMD Cloud Manageability Service ACMS Software. This could...

7.3CVSS7.4AI score0.0023EPSS
Exploits0References4
Amd
Amd
added 2024/11/12 12:0 a.m.24 views

AMD Cloud Manageability Service Incorrect Default Permissions Vulnerability

Bulletin ID: AMD-SB-9006 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD Cloud Manageability Service ACMS Software. ACMS is designed to help enable IT...

7.3CVSS7.9AI score0.0023EPSS
Exploits0
CVE
CVE
added 2024/08/14 1:45 p.m.51 views

CVE-2023-38655

CVE-2023-38655 concerns improper buffer restrictions in firmware for Intel® AMT and Intel® Standard Manageability. The vulnerability could allow a privileged attacker to cause a denial of service over the network. Connected sources corroborate the issue within Intel chipset firmware/CSME/AMT ecos...

6.9CVSS7AI score0.00501EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-7105 · Intel · Intel Converged Security/Manageability Engine

Name of the Vulnerable Software and Affected Versions: Intel Converged Security and Manageability Engine CSME affected versions not specified Description: The issue is related to insufficient input validation in the Intel Converged Security and Manageability Engine CSME firmware, which may allow ...

6.7CVSS6.7AI score0.00169EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.5 views

PT-2024-7103 · Intel · Intel Csme

Name of the Vulnerable Software and Affected Versions: IntelR CSME affected versions not specified Description: The issue is related to an unchecked return value in the firmware of some Intel Converged Security and Manageability Engine CSME subsystems. This may allow an unauthenticated user with...

5.7CVSS7.3AI score0.00209EPSS
Exploits0References4
OSV
OSV
added 2024/05/16 9:15 p.m.4 views

UBUNTU-CVE-2022-37341

Improper access control in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.8 views

PT-2024-11602 · Intel · Intel Ethernet Adapters +1

Name of the Vulnerable Software and Affected Versions: IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware affected versions not specified Description: The issue is related to improper access control in the firmware of certain Intel Ethernet Adapters and Intel...

7.2CVSS7.2AI score0.00198EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.7 views

The vulnerability of software for remote management and monitoring of the Intel Local Manageability Service arises from insufficient protection of registration data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the software for remote management and monitoring of the Intel Local Manageability Service is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.3CVSS5.5AI score0.00165EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.8 views

The vulnerability of software for remote management and monitoring of the Intel Converged Security and Manageability Engine (CSME) arises from insufficient validation of input data. This allows attackers to increase their privileges.

The vulnerability of the software for remote management and monitoring of the Intel Converged Security and Manageability Engine CSME is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS5.5AI score0.00174EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.10 views

The vulnerability of the software for remote management and monitoring of the Intel Converged Security and Manageability Engine (CSME) is related to incorrect default permissions, allowing attackers to increase their privileges.

The vulnerability of the software for remote management and monitoring of the Intel Converged Security and Manageability Engine CSME is related to incorrect default permissions. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS5.5AI score0.00142EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/14 4:45 p.m.18 views

CVE-2023-27502

Insertion of sensitive information into log file for some IntelR Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access...

3.3CVSS6.3AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2024/03/14 4:45 p.m.72 views

CVE-2023-27502

Intel Local Manageability Service prior to v2316.5.1.2 is affected by CVE-2023-27502, which enables potential information disclosure via local access through log message disclosure. The issue is limited to authenticated Local Manageability Service users and involves sensitive data being written i...

3.3CVSS5.9AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/14 12:0 a.m.5 views

Intel Local Manageability Service Log Information Disclosure Vulnerability

Intel Local Manageability Service is a management engine from Intel Corporation USA designed to help IT administrators manage computers and devices in an organization over a local network or remote connection. Intel Local Manageability Service versions prior to 2316.5.1.2 are vulnerable to a log...

3.3CVSS6.4AI score0.00165EPSS
Exploits0References3
Hewlett-Packard
Hewlett-Packard
added 2024/03/13 12:0 a.m.28 views

Intel 2024.1 IPU - Chipset Software March 2024 Security Update

Intel has informed HP of potential security vulnerabilities in the Intel® Converged Security Management Engine CSME installer and Intel® Local Manageability Service software which may allow escalation of privilege or information disclosure. Intel is releasing updates to mitigate these potential...

6.7CVSS7.6AI score0.00174EPSS
Exploits0Affected Software319
Intel
Intel
added 2024/03/12 12:0 a.m.14 views

2024.1 IPU - Intel® Chipset Software and SPS Advisory

Summary: Potential security vulnerabilities in the Intel® Converged Security Management Engine CSME installer, Intel® Local Manageability Service software and Intel® Server Platform Servcies SPS may allow information disclosure, escalation of privilege, or denial of service. Vulnerability Details...

6.8CVSS7.4AI score0.00516EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/02/26 12:0 a.m.9 views

The vulnerability of the Manageability Engine (ME) in Intel Server Platform Services (SPS) software for Lenovo ThinkSystem servers allows a malicious actor to alter the firmware configuration and trigger a service failure.

The vulnerability of the Manageability Engine ME in Intel Server Platform Services SPS of Lenovo ThinkSystem servers stems from the synchronization failure between BIOS/UEFI and ME states due to the use of non-replicable configurations. Exploiting this vulnerability can allow an attacker to alter...

2CVSS5.4AI score0.00162EPSS
Exploits0References2
NVD
NVD
added 2024/02/23 9:15 p.m.26 views

CVE-2021-33142

Improper input validation in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable denial of service via local access...

6CVSS5.7AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2024/02/23 9:15 p.m.2 views

CVE-2021-33157

Insufficient control flow management in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access...

7.2CVSS5.8AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder