Lucene search
K
IntelConverged Security And Manageability Engine

12 matches found

CVE
CVE
added 2020/11/12 6:5 p.m.107 views

CVE-2020-12297

CVE-2020-12297 is an Intel CSME/AMT/TXE-related vulnerability described as improper access control in the Installer for Windows drivers, which may allow an authenticated local user to escalate privileges. Affected components include Intel CSME/AMT, TXE, SPS and related DLLs, with affected Windows...

7.8CVSS7.6AI score0.00444EPSS
CVE
CVE
added 2022/11/11 3:49 p.m.104 views

CVE-2022-26047

CVE-2022-26047 affects Intel® PROSet/Wireless WiFi firmware prior to 22.140, Killer™ WiFi firmware prior to 3.1122.3158, and the associated UEFI 2.2.14.22176.2. The root cause is improper input validation in certain Intel PROSet/Wireless WiFi, Intel vPro® CSME WiFi, and Killer™ WiFi components, w...

6.5CVSS6.3AI score0.00407EPSS
CVE
CVE
added 2020/11/12 6:7 p.m.94 views

CVE-2020-12303

The CVE-2020-12303 entry concerns a use-after-free in the Intel CSME/DAL subsystem. Affected components include Intel CSME, TXE and DAL (and related SPS/ISM) with versions before 11.8.80/11.12.80/11.22.80/12.0.70/13.0.40/13.30.10/14.0.45/14.5.25 (CSME), and TXE before 3.1.80 or 4.0.30. The issue ...

7.8CVSS7.9AI score0.00364EPSS
CVE
CVE
added 2020/11/12 6:6 p.m.93 views

CVE-2020-8745

CVE-2020-8745 is a vulnerability in Intel CSME/TXE subsystems with insufficient control flow management in the subsystem, affecting Intel CSME/AMT/SPS firmware before specific versions (e.g., 11.8.x/11.12.x/11.22.x/12.0.x/13.0.x/14.x branches and TXE before 3.1.80 and 4.0.30). The issue could all...

6.8CVSS6.8AI score0.00378EPSS
CVE
CVE
added 2021/06/09 6:48 p.m.89 views

CVE-2020-24506

CVE-2020-24506 is an Intel CSME subsystem vulnerability involving an out-of-bounds read that can lead to information disclosure when exploited locally. Intel advisories describe affected CSME versions as pre-12.0.81, pre-13.0.47, pre-13.30.17, pre-14.1.53, and pre-14.5.32, with escalation of priv...

4.4CVSS4.5AI score0.00284EPSS
CVE
CVE
added 2020/11/12 6:6 p.m.88 views

CVE-2020-8705

CVE-2020-8705 concerns insecure default initialization of a resource in Intel CSME, affecting Intel CSME/AMT/TXE/SPS components. The vulnerability may allow an unauthenticated user to escalate privileges via physical access. Affected versions include Intel CSME before 11.8.82/11.12.82/11.22.82, S...

6.8CVSS6.9AI score0.00518EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.86 views

CVE-2020-8761

CVE-2020-8761 : Multiple sources confirm an issue in Intel CSME where inadequate encryption strength in CSME versions before 13.0.40 and 13.30.10 can lead to information disclosure if an attacker has physical access. The vulnerability is described in Intel’s INTEL-SA-00391 advisory and related Re...

4.6CVSS5AI score0.00153EPSS
CVE
CVE
added 2020/11/12 6:7 p.m.84 views

CVE-2020-8756

CVE-2020-8756 affects Intel CSME subsystem: improper input validation in CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may enable privilege escalation for a local, privileged user. The issue is documented in multiple sources (Intel INTEL-SA-00391 advisory and NVD entry). I...

6.7CVSS6.7AI score0.00347EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.83 views

CVE-2020-8751

CVE-2020-8751 is an Intel CSME/TXE/AMT family issue due to insufficient control flow management in subsystems, potentially enabling information disclosure or privilege escalation with physical/local access. Affected are Intel CSME/AMT/SPS/ISM/DAL components prior to updated firmware versions (e.g...

4.6CVSS5AI score0.00408EPSS
CVE
CVE
added 2021/06/09 6:47 p.m.77 views

CVE-2020-24507

CVE-2020-24507 is an information-disclosure vulnerability due to improper initialization in the Intel CSME subsystem. Reports in connected docs (Intel advisory INTEL-SA-00459) state it affects Intel CSME versions prior to: 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32,...

4.4CVSS4.6AI score0.00284EPSS
CVE
CVE
added 2021/06/09 6:47 p.m.70 views

CVE-2020-24516

CVE-2020-24516 involves Intel® CSME where a modification of assumed-immutable data in subsystems may allow an unauthenticated user to escalate privileges via physical access. The cited affected CSME versions are before 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22. Root cause: modification of d...

6.8CVSS6.7AI score0.00267EPSS
CVE
CVE
added 2021/06/09 6:48 p.m.66 views

CVE-2020-8703

The CVE-2020-8703 issue is an Intel CSME subsystem vulnerability caused by improper buffer restrictions. Affected firmwares include Intel CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22, potentially allowing a privileged user to escalate ...

6.7CVSS6.6AI score0.00346EPSS