CVE-2020-24506

Out of bound read in a subsystem in the IntelR CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access...

The vulnerability of microprogramming software, including Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Server Platform Services (SPS), arises from insecure resource initialization, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software, including Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Server Platform Services SPS, are related to insecure resource initialization. Exploiting these vulnerabilities can allow attackers to...

Vulnerability in the Microprogramming Software of the Intel Converged Security and Manageability Engine (CSME) and the Intel Server Platform Services (SPS) allows attackers to enhance their privileges.

The vulnerability in the Microprogramming Software of the Intel Converged Security and Manageability Engine CSME and the Microprogramming Software of the Intel Server Platform Services SPS is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an...

Multiple vulnerabilities fixed in Intel systems

Intel has fixed several vulnerabilities in Converged Security and Manageability Engine CSME, Server Platform Services SPS, Trusted Execution Engine TXE, Dynamic Application Loader DAL, Active Management Technology AMT and Standard Manageability ISM. Malicious parties can exploit the vulnerabiliti...

CVE-2020-8756

Improper input validation in subsystem for IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access...

The vulnerability of the Intel Dynamic Application Loader (DAL) subsystem of the Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) allows a attacker to trigger a service failure.

The vulnerability of the Intel Dynamic Application Loader DAL subsystem within the Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could...

The vulnerability relates to the implementation of the Intel Converged Security and Manageability Engine, the microsoftware of the Intel Server Platform Services, and the Intel Trusted Execution Engine. It stems from a numerical overflow in data structures, allowing an attacker to trigger a service failure.

The vulnerability of the Intel Converged Security and Manageability Engine, the microsoftware of the Intel Server Platform Services, and the Intel Trusted Execution Engine is related to a count-based overflow in data structures. Exploiting this vulnerability can allow an attacker to trigger a...

The vulnerability of the Intel Converged Security and Manageability Engine implementation arises from the possibility of operations occurring outside the buffer in memory. This allows attackers to escalate their privileges, disclose sensitive information, or cause system failures.

The vulnerability of the Intel Converged Security and Manageability Engine implementation lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges, expose sensitive information, or cause service failures...

Intel CSME, TXE and SPS Input Validation Error Vulnerability

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation, USA. Intel Converged Security and Management Engine is a security management engine. Intel Server Platform Services SPS is a server platform service program. Intel Converged Security and Management Engine...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to authentication deficiencies, allows attackers to escalate their privileges, cause service failures, or disclose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to authentication deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges, cause service failures, or expose sensitive information...

Intel Patches High-Severity Flaw in Security Engine

Intel is warning of a high-severity flaw in the firmware of its converged security and management engine CSME, which if exploited could allow privilege escalation, denial of service and information disclosure. CSME powers Intel’s Active Management System hardware and firmware technology, used for...

CVE-2019-11104

Insufficient input validation in MEInfo software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to a logical error, allows attackers to escalate their privileges and expose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to a logical error. Exploiting this vulnerability can allow attackers to enhance their privileges and expose sensitive information...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software arises from insufficient validation of input data. This allows attackers to escalate their privileges.

The vulnerability of Intel Converged Security and Manageability Engine CSME exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the driver for the hardware abstraction layer of the MEinfo utility lies in the Microprogramming Software Intel Converged Security and Manageability Engine (CSME), the Microprogramming Software Intel Trusted Execution Engine (TXE), the Intel-SA-00086 Detection Tool, and the INTEL-SA-00125 Detection Tool. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the MEinfo driver for hardware abstraction in Intel Converged Security and Manageability Engine CSME microprogramming software, Intel Trusted Execution Engine TXE microprogramming software, Intel-SA-00086 Detection Tool, and INTEL-SA-00125 Detection Tool is related to...

Unspecified Vulnerability in Multiple Intel Products

Intel Converged Security and Management Engine CSME, etc. are products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine.Intel TXE is a Trust Execution Engine TEE with hardware verification in CPU Central Processing Unit.INTEL-SA-00086 Detection...

Intel TXE and Intel Converged Security and Management Engine Input Validation Error Vulnerability (CNVD-2020-18614)

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware validation capabilities for use in CPUs Central Processing...

Intel TXE and Intel Converged Security and Management Engine Input Validation Error Vulnerability (CNVD-2020-18615)

Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient session verification, allowing attackers to exploit their privileges.

The vulnerability of the Intel Active Management Technology AMT implementation of the Intel Converged Security and Manageability Engine CSME software is related to insufficient session verification. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose...