Lucene search
K

136 matches found

NVD
NVD
added 2019/03/14 8:29 p.m.22 views

CVE-2018-12192

Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before version SPSE504.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access...

7.2CVSS6.6AI score0.00467EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/03/14 8:0 p.m.27 views

CVE-2018-12191

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or IntelR TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrar...

7.6AI score0.00482EPSS
Exploits0References3
CVE
CVE
added 2019/03/14 8:0 p.m.58 views

CVE-2018-12191

The CVE-2018-12191 issue affects Intel CSME, Intel Server Platform Services (SPS), and Intel TXE/AMT. It is a bounds-check vulnerability in the Kernel subsystem that could allow an unauthenticated user with physical access to potentially execute arbitrary code. Affected versions are: Intel CSME b...

7.6CVSS7.4AI score0.00482EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2019/03/14 8:0 p.m.26 views

CVE-2018-12198

Insufficient input validation in IntelR Server Platform Services HECI subsystem before version SPSE504.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access...

5.6AI score0.0034EPSS
Exploits0References3
CVE
CVE
added 2019/03/14 8:0 p.m.50 views

CVE-2018-12208

Intel CVE-2018-12208 is a buffer overflow in the HECI subsystem affecting Intel CSME, TXE, and SPS prior to specified fixed versions. The Intel advisory INTEL-SA-00185 documents the issue, listing affected products and firmware families (CSME before 11.8.60/11.11.60/11.22.60 or 12.0.20; TXE befor...

7.6CVSS7.7AI score0.00511EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2019/03/14 8:0 p.m.57 views

CVE-2018-12192

The CVE-2018-12192 issue is a logic bug in the Kernel subsystem of Intel CSME and related components (SPS, TXE, AMT) that may allow an unauthenticated user to bypass MEBx authentication via physical access. Affected products include Intel CSME, SPS, TXE, and AMT with affected firmware ranges cite...

7.2CVSS6.8AI score0.00467EPSS
Exploits0References3Affected Software2
Lenovo
Lenovo
added 2019/03/14 2:33 p.m.4 views

Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities - Lenovo Support US

No description provided...

7.6CVSS5.4AI score0.01113EPSS
Exploits0
Intel
Intel
added 2018/12/18 12:0 a.m.28 views

Power Management Controller (PMC) Security Advisory

Summary: A potential security vulnerability in power management controller firmware may allow escalation of privilege and/ or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details CVEID: CVE-2018-3643 Description: A vulnerabili...

8.2CVSS8.3AI score0.00501EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2018/11/16 2:29 p.m.4 views

Missing System x Flash Memory Write Protection Lock Bit

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...

4.9CVSS5.5AI score0.00664EPSS
Exploits0References2
OSV
OSV
added 2018/11/16 2:29 p.m.4 views

CVE-2018-9085

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...

4.9CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2018/11/16 2:0 p.m.25 views

CVE-2018-9085 Missing System x Flash Memory Write Protection Lock Bit

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services SPS and the system Flash Descriptors...

4.9AI score0.00664EPSS
Exploits0References1
Lenovo
Lenovo
added 2018/11/14 2:28 a.m.15 views

Missing System x Flash Memory Write Protection Lock Bit - Lenovo Support US

No description provided...

4.9CVSS5.1AI score0.00664EPSS
Exploits0
Lenovo
Lenovo
added 2018/11/14 2:28 a.m.366 views

Missing System x Flash Memory Write Protection Lock Bit - US

Lenovo Security Advisory: LEN-24477 Potential Impact: Denial of service Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9085 Summary Description: A write protection lock bit was left unset after boot on an older generation of System x server, potentially allowing an...

4CVSS2.7AI score0.00664EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/10/05 12:0 a.m.6 views

The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE), arises due to privilege management errors, allowing attackers to disclose or modify protected information.

The vulnerabilities of Intel CSME, Intel SPS, and Intel TXE are caused by privilege management errors. Exploiting these vulnerabilities can allow attackers to disclose or modify protected information...

7.3CVSS5.5AI score0.00433EPSS
Exploits0References4Affected Software3
Lenovo
Lenovo
added 2018/10/01 7:11 p.m.3 views

Power Management Controller (PMC) Security Vulnerability in Systems using specific Intel® CSME or SPS firmware versions - Lenovo Support US

No description provided...

8.1AI score
Exploits0
OSV
OSV
added 2018/09/12 7:29 p.m.3 views

CVE-2018-3643

A vulnerability in Power Management Controller firmware in systems using specific IntelR Converged Security and Management Engine CSME before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or IntelR Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative...

8.2CVSS6AI score0.00501EPSS
Exploits0References3
NVD
NVD
added 2018/09/12 7:29 p.m.29 views

CVE-2018-3655

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

7.3CVSS7AI score0.00433EPSS
Exploits0References3
OSV
OSV
added 2018/09/12 7:29 p.m.2 views

CVE-2018-3655

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

7.3CVSS5.8AI score0.00433EPSS
Exploits0References3
Prion
Prion
added 2018/09/12 7:29 p.m.25 views

Design/Logic Flaw

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access...

3.6CVSS6.9AI score0.00433EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2018/09/12 7:0 p.m.54 views

CVE-2018-3655

The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...

7.3CVSS6.4AI score0.00433EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder