12 matches found
CVE-2020-12297
CVE-2020-12297 is an Intel CSME/AMT/TXE-related vulnerability described as improper access control in the Installer for Windows drivers, which may allow an authenticated local user to escalate privileges. Affected components include Intel CSME/AMT, TXE, SPS and related DLLs, with affected Windows...
CVE-2022-26047
CVE-2022-26047 affects Intel® PROSet/Wireless WiFi firmware prior to 22.140, Killer™ WiFi firmware prior to 3.1122.3158, and the associated UEFI 2.2.14.22176.2. The root cause is improper input validation in certain Intel PROSet/Wireless WiFi, Intel vPro® CSME WiFi, and Killer™ WiFi components, w...
CVE-2020-12303
The CVE-2020-12303 entry concerns a use-after-free in the Intel CSME/DAL subsystem. Affected components include Intel CSME, TXE and DAL (and related SPS/ISM) with versions before 11.8.80/11.12.80/11.22.80/12.0.70/13.0.40/13.30.10/14.0.45/14.5.25 (CSME), and TXE before 3.1.80 or 4.0.30. The issue ...
CVE-2020-8745
CVE-2020-8745 is a vulnerability in Intel CSME/TXE subsystems with insufficient control flow management in the subsystem, affecting Intel CSME/AMT/SPS firmware before specific versions (e.g., 11.8.x/11.12.x/11.22.x/12.0.x/13.0.x/14.x branches and TXE before 3.1.80 and 4.0.30). The issue could all...
CVE-2020-24506
CVE-2020-24506 is an Intel CSME subsystem vulnerability involving an out-of-bounds read that can lead to information disclosure when exploited locally. Intel advisories describe affected CSME versions as pre-12.0.81, pre-13.0.47, pre-13.30.17, pre-14.1.53, and pre-14.5.32, with escalation of priv...
CVE-2020-8705
CVE-2020-8705 concerns insecure default initialization of a resource in Intel CSME, affecting Intel CSME/AMT/TXE/SPS components. The vulnerability may allow an unauthenticated user to escalate privileges via physical access. Affected versions include Intel CSME before 11.8.82/11.12.82/11.22.82, S...
CVE-2020-8761
CVE-2020-8761 : Multiple sources confirm an issue in Intel CSME where inadequate encryption strength in CSME versions before 13.0.40 and 13.30.10 can lead to information disclosure if an attacker has physical access. The vulnerability is described in Intel’s INTEL-SA-00391 advisory and related Re...
CVE-2020-8756
CVE-2020-8756 affects Intel CSME subsystem: improper input validation in CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may enable privilege escalation for a local, privileged user. The issue is documented in multiple sources (Intel INTEL-SA-00391 advisory and NVD entry). I...
CVE-2020-8751
CVE-2020-8751 is an Intel CSME/TXE/AMT family issue due to insufficient control flow management in subsystems, potentially enabling information disclosure or privilege escalation with physical/local access. Affected are Intel CSME/AMT/SPS/ISM/DAL components prior to updated firmware versions (e.g...
CVE-2020-24507
CVE-2020-24507 is an information-disclosure vulnerability due to improper initialization in the Intel CSME subsystem. Reports in connected docs (Intel advisory INTEL-SA-00459) state it affects Intel CSME versions prior to: 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32,...
CVE-2020-24516
CVE-2020-24516 involves Intel® CSME where a modification of assumed-immutable data in subsystems may allow an unauthenticated user to escalate privileges via physical access. The cited affected CSME versions are before 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22. Root cause: modification of d...
CVE-2020-8703
The CVE-2020-8703 issue is an Intel CSME subsystem vulnerability caused by improper buffer restrictions. Affected firmwares include Intel CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22, potentially allowing a privileged user to escalate ...