Server Platform Services@* Security Vulnerabilities and Issues — Server Platform Services@* CVE List

IntelServer Platform Services*

9 matches found

CVE•added 2019/05/17 3:41 p.m.•172 views

CVE-2019-0090

Intel CVE-2019-0090 describes an insufficient access control vulnerability in Intel CSME, SPS, TXE, and related components. Affected: Intel CSME before 11.x and 12.0.35; Intel SPS before SPS_E3_05.00.04.027.0; Intel TXE 3.x, 4.x; Intel Server Platform Services 3.x, 4.x. Root cause: insufficient a...

7.1CVSS7.3AI score0.00362EPSS

CVE•added 2019/05/17 3:41 p.m.•116 views

CVE-2019-0089

CVE-2019-0089 affects Intel Server Platform Services (SPS) and related Intel CSME/SPS components. The issue is an improper data sanitization vulnerability in SPS subsystems prior to SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 that may allow...

6.7CVSS6.9AI score0.00382EPSS

CVE•added 2020/11/12 6:6 p.m.•93 views

CVE-2020-8744

CVE-2020-8744 covers an improper initialization weakness in the Intel® CSME subsystem (and related Intel® TXE and SPS components) that may permit a privileged user to escalate privileges via local access. Affected are Intel® CSME versions before 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25; In...

7.8CVSS7.5AI score0.00357EPSS

CVE•added 2020/11/12 6:9 p.m.•82 views

CVE-2020-8755

CVE-2020-8755 describes a race condition in Intel CSME subsystem that may permit privilege escalation via physical access. Affected are Intel CSME versions before 12.0.70 and 14.0.45, and Intel SPS versions before SPS_E5_04.01.04.400 and SPS_E3_05.01.04.200. The exploitation context in the connec...

6.4CVSS6.6AI score0.00275EPSS

CVE•added 2021/06/09 7:2 p.m.•61 views

CVE-2021-0051

Intel SPS (Server Platform Services) contains an input-validation flaw that can allow a local, privileged user to cause a denial of service. Affected versions are SPS_E5_04.04.04.023.0 and SPS_E5_04.04.03.228.0 for Intel C620A-series chipsets, and SPS_SoC-A_05.00.03.098.0 for the Atom P5000 serie...

4.4CVSS4.4AI score0.0023EPSS

CVE•added 2023/02/16 8:0 p.m.•60 views

CVE-2022-36794

Intel SPS firmware CVE-2022-36794: a root cause is an improper condition check in Intel SPS firmware prior to SPS_E3_06.00.03.300.0, which could allow a privileged user to cause a local denial of service. Affected versions are affected before the stated SPS_E3_06.00.03.300.0, and mitigation is to...

6CVSS4.5AI score0.00188EPSS

CVE•added 2021/06/09 6:47 p.m.•56 views

CVE-2020-24509

Intel CSMe/SPS/LMS vulnerability CVE-2020-24509: Insufficient control flow management in the SPS subsystem can allow a privileged user to escalate privileges via local access. Affected SPS versions include SPS_E3_05.01.04.300.0, SPS_SoC-A_05.00.03.091.0, SPS_E5_04.04.04.023.0, and SPS_E5_04.04.03...

6.7CVSS6.5AI score0.00251EPSS

CVE•added 2023/02/16 7:59 p.m.•52 views

CVE-2022-36348

Summary: CVE-2022-36348 affects Intel® Server Platform Services (SPS) firmware. The issue is caused by active debug code present in SPS firmware before version SPS_E5_04.04.04.300.0, which could allow an authenticated user to potentially escalate privileges via local access. Affected scope: Intel...

8.8CVSS7.7AI score0.00203EPSS

CVE•added 2024/02/14 1:38 p.m.•47 views

CVE-2023-29153

Intel SPS firmware CVE-2023-29153 affects Intel Server Platform Services prior to SPS_E5_06.01.04.002.0. The issue is uncontrolled resource consumption that may allow a privileged user to cause a denial of service over the network. CVSS 3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/I:N/A:H (base score 4.9,...

4.9CVSS5AI score0.0069EPSS