Lucene search
K
IntelTrusted Execution Engine Firmware

27 matches found

CVE
CVE
added 2019/05/17 3:41 p.m.131 views

CVE-2019-0086

CVE-2019-0086 is an insufficient access control vulnerability in Intel CSME/DAL and TXE that could let an unprivileged local user escalate privileges. Affected: Intel CSME before 11.8.65/11.11.65/11.22.65, 12.0.35 and Intel TXE 3.1.65, 4.0.15. Impact: local privilege escalation; exploitation requ...

7.8CVSS7.7AI score0.00358EPSS
CVE
CVE
added 2019/05/17 3:41 p.m.102 views

CVE-2019-0098

CVE-2019-0098 is a logic bug in Intel CSME (before 12.0.35) and TXE (before 3.1.65, 4.0.15) that may allow an unauthenticated user to escalate privileges via physical access. Connected docs corroborate affected Intel subsystems (CSME, SPS, TXE, DAL, AMT) and note mitigation paths: Intel’s advisor...

7.2CVSS7.2AI score0.00472EPSS
CVE
CVE
added 2019/12/18 9:8 p.m.101 views

CVE-2019-11090

CVE-2019-11090 relates to cryptographic timing conditions in Intel components (CSME, SPS, TXE, AMT, PTT and DAL) that may allow an unauthenticated attacker to disclose information over the network. Affected are Intel CSME before 11.8.70/11.11.70/11.22.70 and 12.0.45; 13.0.0 and 14.0.10; Intel TXE...

5.9CVSS5.7AI score0.02342EPSS
CVE
CVE
added 2019/12/18 9:9 p.m.100 views

CVE-2019-11102

CVE-2019-11102 involves insufficient input validation in Intel DAL software for Intel CSME/AMT/TXE; a privileged/local attacker could potentially trigger information disclosure. Affected products span Intel CSME, Intel AMT, Intel TXE, and Intel DAL, with vulnerable Intel CSME/TXE/DAL versions pri...

4.4CVSS4.9AI score0.00346EPSS
CVE
CVE
added 2019/12/18 9:8 p.m.99 views

CVE-2019-0168

CVE-2019-0168 affects Intel CSME and TXE subsystems (also involving AMT/SPS/DAL) due to insufficient input validation in the subsystem. The issue potentially allows a privileged user to escalate privileges or disclose information via local access. Fixes exist: Intel/partners list updated firmware...

4.4CVSS4.9AI score0.00346EPSS
CVE
CVE
added 2019/12/18 9:7 p.m.97 views

CVE-2019-11147

CVE-2019-11147 involvesInsufficient access control in the Intel CSME hardware abstraction driver (MEInfo) and related TXE/Detection Tool components, potentially allowing an authenticated user to escalate privileges via local access. Red Hat and CVE records describe the same issue and list affecte...

7.8CVSS8.1AI score0.00377EPSS
CVE
CVE
added 2019/12/18 9:9 p.m.96 views

CVE-2019-11106

CVE-2019-11106 affects Intel CSME, TXE, AMT and related components. The issue is insufficient session validation in Intel CSME subsystems (and related TXE/AMT subsystems), potentially allowing a local attacker to escalate privileges. Affects CSME versions prior to 11.8.70, 12.0.45, 13.0.10 and 14...

6.7CVSS7AI score0.00335EPSS
CVE
CVE
added 2019/12/18 9:7 p.m.95 views

CVE-2019-0169

CVE-2019-0169 is a hardware/firmware vulnerability affecting Intel CSME and TXE subsystems (and related Intel AMT/SPS/DAL components). The issue is a heap overflow in the CSME/TXE subsystems that may allow an unauthenticated user to escalate privileges, disclose information, or cause a denial of ...

8.8CVSS8.8AI score0.00759EPSS
CVE
CVE
added 2019/12/18 9:8 p.m.92 views

CVE-2019-11097

CVE-2019-11097 records improper directory permissions in the installer for Intel® Management Engine Consumer Driver for Windows (pre-11.8.70/11.11.70/11.22.70/12.0.45/13.0.10/14.0.10) and Intel® TXE (pre-3.1.70/4.0.20). This may allow an authenticated local user to escalate privileges. Affected c...

7.8CVSS8.1AI score0.0031EPSS
CVE
CVE
added 2019/12/18 9:8 p.m.90 views

CVE-2019-11104

CVE-2019-11104 concerns Intel CSME MEInfo and Intel TXE. Insufficient input validation in MEInfo before 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; and in TXE before 3.1.70 and 4.0.20, may allow an authenticated user to escalate privileges via local access. Related Red Hat/Lenovo e...

7.8CVSS8.1AI score0.00355EPSS
CVE
CVE
added 2019/12/18 9:9 p.m.89 views

CVE-2019-11101

CVE-2019-11101 involves insufficient input validation in the Intel CSME and TXE subsystems (and related AMT/DAL components). Affected are Intel CSME before 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10, 14.0.10 and Intel TXE before 3.1.70 and 4.0.20. The issue may allow a privileged user to discl...

4.4CVSS4.9AI score0.00349EPSS
CVE
CVE
added 2019/12/18 9:9 p.m.82 views

CVE-2019-11087

This CVE affects Intel CSME, AMT, SPS, TXE and related DAL components. Root cause: insufficient input validation in the Intel CSME/TXE subsystems. Affected versions include Intel CSME before 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel TXE before 3.1.70 and 4.0.20. Conditions ...

6.7CVSS6.7AI score0.0036EPSS
CVE
CVE
added 2019/12/18 9:10 p.m.81 views

CVE-2019-11110

CVE-2019-11110 is an authentication bypass affecting Intel CSME and TXE subsystems. Public sources (Intel advisory and Red Hat/Lenovo summaries) describe: Affects Intel CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10, 14.0.10 and Intel TXE before versions 3.1.70 and 4.0.20. Pri...

6.7CVSS7.1AI score0.00366EPSS
CVE
CVE
added 2017/11/21 2:0 p.m.74 views

CVE-2017-5707

CVE-2017-5707 corresponds to multiple kernel-level buffer overflows in Intel Trusted Execution Engine Firmware 3.0 that allow a local attacker to execute arbitrary code. The vulnerability is rooted in buffer overflow issues within the TXE kernel, with exploitation requiring local system access. T...

7.8CVSS7.2AI score0.00649EPSS
CVE
CVE
added 2020/06/15 2:1 p.m.71 views

CVE-2020-0539

CVE-2020-0539 describes a path traversal vulnerability in Intel CSME/DAL subsystems (and related TXE) that may allow an unprivileged local user to cause denial of service. Affected are Intel CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel TXE versions before ...

5.5CVSS6AI score0.0035EPSS
CVE
CVE
added 2020/06/15 1:59 p.m.71 views

CVE-2020-0566

CVE-2020-0566 concerns Intel TXE (Trusted Execution Engine) with improper access control in the subsystem. The provided documents identify affected TXE versions prior to 3.175 and 4.0.25, enabling an unauthenticated user to potentially escalate privileges via physical access. The Intel INTEL-SA-0...

6.8CVSS7.2AI score0.00452EPSS
CVE
CVE
added 2019/06/13 3:36 p.m.68 views

CVE-2018-12147

CVE-2018-12147 affects Intel CSME (HECI) subsystem, Intel SPS, and TXE firmware. The issue is insufficient input validation that may allow a privileged user to escalate local privileges. Vulnerable states are Intel CSME before 11.21.55, SPS before 4.0 (Purley/Bakerville), and TXE firmware before ...

7.2CVSS6.6AI score0.00458EPSS
CVE
CVE
added 2020/06/15 2:0 p.m.68 views

CVE-2020-0536

CVE-2020-0536 affects Intel CSME DAL subsystem and Intel TXE: improper input validation may allow an unauthenticated network-access information disclosure. Affected versions are CSME before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and TXE before 3.1.75 and 4.0.25. Intel and Lenovo a...

7.5CVSS7.2AI score0.017EPSS
CVE
CVE
added 2017/11/21 2:0 p.m.59 views

CVE-2017-5710

CVE-2017-5710 describes multiple privilege escalations in Intel Trusted Execution Engine (TXE) Firmware 3.0 kernels that allow an unauthorized process to access privileged content via an unspecified vector. The incident is tied to TXE alongside other Intel ME/SPS vulnerabilities (Intel-SA-00086 f...

7.8CVSS6.9AI score0.00609EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.58 views

CVE-2018-12190

CVE-2018-12190 affects Intel CSME, Server Platform Services, TXE and AMT. The issue is insufficient input validation in Intel CSME subsystem (before 11.8.60, 11.11.60, 11.22.60 or 12.0.20) or Intel TXE (before 3.1.60 or 4.0.10) that may allow a privileged user to escalate privileges via local acc...

6.7CVSS6.7AI score0.00381EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.58 views

CVE-2018-12191

The CVE-2018-12191 issue affects Intel CSME, Intel Server Platform Services (SPS), and Intel TXE/AMT. It is a bounds-check vulnerability in the Kernel subsystem that could allow an unauthenticated user with physical access to potentially execute arbitrary code. Affected versions are: Intel CSME b...

7.6CVSS7.4AI score0.00482EPSS
CVE
CVE
added 2018/09/12 7:0 p.m.57 views

CVE-2018-3659

CVE-2018-3659 affects Intel PTT in Intel CSME firmware prior to 12.0.5 and TXE firmware prior to 4.0, allowing potential information disclosure with physical access. Affected products include Intel CSME and TXE implementations; root cause is in the PTT module itself. Mitigation is to update to th...

6.8CVSS6.2AI score0.00423EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.54 views

CVE-2018-12189

The CVE-2018-12189 issue affects Intel CSME (and related TXE) with an unhandled exception in the Content Protection subsystem that may allow a privileged local user to modify data. Affected firmware ranges include CSME pre-11.8.60 / 11.11.60 / 11.22.60 / 12.0.20 and TXE before 3.1.60 or 4.0.10. I...

4.4CVSS5.2AI score0.00295EPSS
CVE
CVE
added 2018/09/12 7:0 p.m.54 views

CVE-2018-3655

The CVE-2018-3655 issue affects Intel CSME firmware before 11.21.55, Intel SPS before 4.0, and Intel TXE firmware before 3.1.55. The vulnerability allows an unauthenticated user with physical access to potentially modify or disclose information stored in the CSME/SPS/TXE subsystems. Exploitation ...

7.3CVSS6.4AI score0.00433EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.51 views

CVE-2018-12188

CVE-2018-12188: In Intel CSME (and related TXE/AMS components) there is insufficient input validation prior to specific firmware versions (CSME <11.8.60/11.11.60/11.22.60/12.0.20; TXE

4.6CVSS5.5AI score0.00336EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.50 views

CVE-2018-12199

CVE-2018-12199 is a buffer overflow in Intel CSME/TXE components that could let a privileged user execute arbitrary code with physical access. The affected software ranges include Intel CSME before 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE before 3.1.60 or 4.0.10. Intel’s advisory (INT...

7.2CVSS6.9AI score0.00493EPSS
CVE
CVE
added 2019/03/14 8:0 p.m.50 views

CVE-2018-12208

Intel CVE-2018-12208 is a buffer overflow in the HECI subsystem affecting Intel CSME, TXE, and SPS prior to specified fixed versions. The Intel advisory INTEL-SA-00185 documents the issue, listing affected products and firmware families (CSME before 11.8.60/11.11.60/11.22.60 or 12.0.20; TXE befor...

7.6CVSS7.7AI score0.00511EPSS