Lucene search
+L

403 matches found

0day.today
0day.today
added 2022/02/18 12:0 a.m.132 views

Intel(R) Management Engine Components 6.0.0.1189 - (LMS) Unquoted Service Path Vulnerability

Exploit Title: IntelR Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path Exploit Author : SamAlucard Vendor : Intel Version : IntelR Management Engine Components 6.0.0.1189 Vendor Homepage : https://www.intel.com Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/02/18 12:0 a.m.240 views

Intel Management Engine Components 6.0.0.1189 Unquoted Service Path

Exploit Title: IntelR Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Intel Version : IntelR Management Engine Components 6.0.0.1189 Vendor Homepage : https://www.intel.com Tested on OS: Windows 7 Pro Analyze PoC ...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/18 12:0 a.m.227 views

Intel(R) Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path

Exploit Title: IntelR Management Engine Components 6.0.0.1189 - 'LMS' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-17 Vendor : Intel Version : IntelR Management Engine Components 6.0.0.1189 Vendor Homepage : https://www.intel.com Tested on OS: Windows 7 Pro Analyze PoC ...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2022/02/08 12:0 a.m.9 views

Intel 多款产品安全漏洞

Intel AMT SDK for Windows and others are products of Intel Corporation.Intel AMT SDK for Windows is a development kit for providing basic development functionality for Active Management Technology AMT.Intel Setup and Configuration Software Intel SCS is a modular, cross-platform experience. Intel...

4.6CVSS5.2AI score0.00251EPSS
Exploits0References6
Hewlett-Packard
Hewlett-Packard
added 2022/02/08 12:0 a.m.51 views

Intel® MEBx Firmware February 2022 Security Updates

Intel has informed HP of a potential security vulnerability identified in the Intel® Management Engine BIOS eXtensions MEBx which may allow escalation of privilege when provisioning over USB. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates ...

4.6CVSS1.4AI score0.00251EPSS
Exploits0Affected Software279
OSV
OSV
added 2021/11/17 7:15 p.m.1 views

CVE-2021-33087

Improper authentication in the installer for the IntelR NUC M15 Laptop Kit Management Engine driver pack before version 15.0.10.1508 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS5.8AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2021/11/17 6:53 p.m.42 views

CVE-2021-33087

Mode C: CVE-2021-33087 affects the Intel NUC M15 Laptop Kit driver pack (Management Engine) installer prior to version 15.0.10.1508. The Red Hat advisory and Intel advisory confirm an improper authentication issue in the installer that may allow an authenticated user to cause a denial of service ...

5.5CVSS5.4AI score0.00207EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.3 views

Lenovo ThinkPad 输入验证错误漏洞

Lenovo ThinkPad is a portable computer from Lenovo, a Chinese company. An input validation error vulnerability exists in the SMI callback function used in the CSME configuration of the Lenovo ThinkPad, which can be exploited by an attacker to execute arbitrary code...

7.2CVSS7.1AI score0.0027EPSS
Exploits0References3
OSV
OSV
added 2021/06/09 7:15 p.m.3 views

CVE-2020-8703

Improper buffer restrictions in a subsystem in the IntelR CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS6AI score0.00346EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/06/09 7:15 p.m.4 views

CVE-2020-24507

Improper initialization in a subsystem in the IntelR CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access...

4.4CVSS5.3AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/09 12:0 a.m.7 views

Intel CSME 安全漏洞

CSME is known as the Intel Management Engine BIOS Extension. A security vulnerability exists in Intel CSME that stems from a modification in the subsystem that assumes immutable data may allow an unauthenticated user to potentially enable privilege escalation through physical access. The followin...

6.8CVSS6.5AI score0.00267EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

CSME 缓冲区错误漏洞

CSME is known as Intel Management Engine BIOS Extension IntelR CSME suffers from a buffer error vulnerability that originates from an out-of-bounds read in a subsystem, which could allow a privileged user to locally access sensitive information, resulting in an information disclosure. The followi...

4.4CVSS6.8AI score0.00284EPSS
Exploits0References9
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.6 views

CSME 信息泄露漏洞

CSME is known as the Intel Management Engine BIOS Extension. An information disclosure vulnerability exists in IntelR CSME that stems from improper subsystem initialization in CSME, which could allow a privileged user to locally access sensitive information, resulting in an information disclosure...

4.4CVSS6.5AI score0.00284EPSS
Exploits0References9
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.3 views

CSME安全漏洞

CSME is known as the Intel Management Engine BIOS Extension. A security vulnerability exists in CSME that stems from insufficient control flow management in the subsystem, which could allow an attacker to escalate privileges via local access. The following products and versions are affected:...

6.7CVSS6.6AI score0.00251EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.4 views

CSME 缓冲区错误漏洞

CSME is known as Intel Management Engine BIOS Extension A buffer error vulnerability exists in IntelR CSME that stems from improper buffer limitations in the subsystem, which could allow an attacker to escalate privileges via local access. The following products and versions are affected: 11.8.86...

6.7CVSS7.3AI score0.00346EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2021/05/20 12:0 a.m.8 views

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, lies in the lack of protection against Cross-Site Request Forgery attacks (CSRF). This allows attackers to perform arbitrary actions within the context of the current user.

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, is related to the lack of protection against Cross-Site Request Forgery attacks CSRF. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on behalf of the...

7.5CVSS6.6AI score0.00335EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/04/15 12:0 a.m.5 views

Logic Flaw Vulnerability in Riptide Networks ASME Access Sharing Management Engine

ASME Access Sharing Management Engine is an anti-proxy product based on DPI application layer detection. A logic flaw vulnerability exists in the ASME Access Sharing Management Engine of Ruijie Network. Attackers can view and modify the return packets by capturing packets, fill in passwords at...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/12/24 12:0 a.m.8 views

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, stems from insufficient validation of input data. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to elevate their privileges to root and execute arbitrary code...

9CVSS7.5AI score0.04078EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.31 views

RHEL 8 : CloudForms 5.0.10 (RHSA-2020:5554)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5554 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

8.3CVSS7.7AI score0.01EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2020/12/15 9:19 p.m.61 views

Important: Red Hat Security Advisory: CloudForms 5.0.10 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

8.3CVSS7.3AI score0.01EPSS
Exploits0References9
Rows per page
Query Builder