136 matches found
CVE-2018-12192
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before version SPSE504.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access...
CVE-2018-12191
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or IntelR TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrar...
CVE-2018-12191
The CVE-2018-12191 issue affects Intel CSME, Intel Server Platform Services (SPS), and Intel TXE/AMT. It is a bounds-check vulnerability in the Kernel subsystem that could allow an unauthenticated user with physical access to potentially execute arbitrary code. Affected versions are: Intel CSME b...
CVE-2018-12198
Insufficient input validation in IntelR Server Platform Services HECI subsystem before version SPSE504.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access...
CVE-2018-12208
Intel CVE-2018-12208 is a buffer overflow in the HECI subsystem affecting Intel CSME, TXE, and SPS prior to specified fixed versions. The Intel advisory INTEL-SA-00185 documents the issue, listing affected products and firmware families (CSME before 11.8.60/11.11.60/11.22.60 or 12.0.20; TXE befor...
CVE-2018-12192
The CVE-2018-12192 issue is a logic bug in the Kernel subsystem of Intel CSME and related components (SPS, TXE, AMT) that may allow an unauthenticated user to bypass MEBx authentication via physical access. Affected products include Intel CSME, SPS, TXE, and AMT with affected firmware ranges cite...
Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities - Lenovo Support US
No description provided...
Power Management Controller (PMC) Security Advisory
Summary: A potential security vulnerability in power management controller firmware may allow escalation of privilege and/ or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details CVEID: CVE-2018-3643 Description: A vulnerabili...
Missing System x Flash Memory Write Protection Lock Bit
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...
CVE-2018-9085
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...
CVE-2018-9085 Missing System x Flash Memory Write Protection Lock Bit
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...
Missing System x Flash Memory Write Protection Lock Bit - Lenovo Support US
No description provided...
Missing System x Flash Memory Write Protection Lock Bit - US
Lenovo Security Advisory: LEN-24477 Potential Impact: Denial of service Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9085 Summary Description: A write protection lock bit was left unset after boot on an older generation of System x server, potentially allowing an...
The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE), arises due to privilege management errors, allowing attackers to disclose or modify protected information.
The vulnerabilities of Intel CSME, Intel SPS, and Intel TXE are caused by privilege management errors. Exploiting these vulnerabilities can allow attackers to disclose or modify protected information...
Power Management Controller (PMC) Security Vulnerability in Systems using specific Intel® CSME or SPS firmware versions - Lenovo Support US
No description provided...
CVE-2018-3643
A vulnerability in Power Management Controller firmware in systems using specific IntelR Converged Security and Management Engine CSME before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or IntelR Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative...
CVE-2018-3655
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...
CVE-2018-3655
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...
Design/Logic Flaw
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...
CVE-2018-3655
The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...