5 matches found
CVE-2019-0090
Intel CVE-2019-0090 describes an insufficient access control vulnerability in Intel CSME, SPS, TXE, and related components. Affected: Intel CSME before 11.x and 12.0.35; Intel SPS before SPS_E3_05.00.04.027.0; Intel TXE 3.x, 4.x; Intel Server Platform Services 3.x, 4.x. Root cause: insufficient a...
CVE-2019-0091
CVE-2019-0091 is a code-injection vulnerability in the installer component of Intel CSME (CSME) and TXE, allowing a locally logged-in unprivileged user to escalate privileges. Affected: Intel CSME before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel TXE 3.1.65, 4.0.15. Exploitation context is lo...
CVE-2019-0093
CVE-2019-0093 is an information-disclosure vulnerability in Intel® CSME/HECI and Intel® SPS. The issue is caused by insufficient data sanitization in the HECI subsystem and affects Intel® CSME before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel® SPS before SPS_E3_05.00.04.027.0, potentially all...
CVE-2020-8744
CVE-2020-8744 covers an improper initialization weakness in the Intel® CSME subsystem (and related Intel® TXE and SPS components) that may permit a privileged user to escalate privileges via local access. Affected are Intel® CSME versions before 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25; In...
CVE-2020-8755
CVE-2020-8755 describes a race condition in Intel CSME subsystem that may permit privilege escalation via physical access. Affected are Intel CSME versions before 12.0.70 and 14.0.45, and Intel SPS versions before SPS_E5_04.01.04.400 and SPS_E3_05.01.04.200. The exploitation context in the connec...