155 matches found
CVE-2019-0086
Insufficient access control vulnerability in Dynamic Application Loader software for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access...
CVE-2019-0090
Insufficient access control vulnerability in subsystem for IntelR CSME before versions 11.x, 12.0.35 IntelR TXE 3.x, 4.x, IntelR Server Platform Services 3.x, 4.x, IntelR SPS before version SPSE305.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via...
CVE-2019-0091
Code injection vulnerability in installer for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access...
CVE-2019-0098
CVE-2019-0098 is a logic bug in Intel CSME (before 12.0.35) and TXE (before 3.1.65, 4.0.15) that may allow an unauthenticated user to escalate privileges via physical access. Connected docs corroborate affected Intel subsystems (CSME, SPS, TXE, DAL, AMT) and note mitigation paths: Intel’s advisor...
CVE-2019-0086
Insufficient access control vulnerability in Dynamic Application Loader software for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access...
CVE-2019-0086
CVE-2019-0086 is an insufficient access control vulnerability in Intel CSME/DAL and TXE that could let an unprivileged local user escalate privileges. Affected: Intel CSME before 11.8.65/11.11.65/11.22.65, 12.0.35 and Intel TXE 3.1.65, 4.0.15. Impact: local privilege escalation; exploitation requ...
CVE-2019-0090
Intel CVE-2019-0090 describes an insufficient access control vulnerability in Intel CSME, SPS, TXE, and related components. Affected: Intel CSME before 11.x and 12.0.35; Intel SPS before SPS_E3_05.00.04.027.0; Intel TXE 3.x, 4.x; Intel Server Platform Services 3.x, 4.x. Root cause: insufficient a...
Input validation
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access...
CVE-2018-12188
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access...
CVE-2018-12189
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access...
CVE-2018-12188
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access...
CVE-2018-12208
Buffer overflow in HECI subsystem in IntelR CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and IntelR TXE version before 3.1.60 or 4.0.10, or IntelR Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physica...
Input validation
Insufficient input validation in Intelr CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intelr TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access...
Code injection
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access...
Buffer overflow
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access...
CVE-2018-12190
Insufficient input validation in Intelr CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intelr TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access...
Buffer overflow
Buffer overflow in HECI subsystem in IntelR CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and IntelR TXE version before 3.1.60 or 4.0.10, or IntelR Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physica...
CVE-2018-12199
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access...
CVE-2018-12188
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access...
CVE-2018-12208
Intel CVE-2018-12208 is a buffer overflow in the HECI subsystem affecting Intel CSME, TXE, and SPS prior to specified fixed versions. The Intel advisory INTEL-SA-00185 documents the issue, listing affected products and firmware families (CSME before 11.8.60/11.11.60/11.22.60 or 12.0.20; TXE befor...