Trusted Execution Engine Firmware Security Vulnerabilities and Issues — Trusted Execution Engine Firmware CVE List

Lucene search

IntelTrusted Execution Engine Firmware

11 matches found

CVE•added 2019/12/18 10:15 p.m.•89 views

CVE-2019-11090

Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, ...

5.9CVSS5.7AI score0.0078EPSS

CVE•added 2019/12/18 10:15 p.m.•81 views

CVE-2019-0169

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.

8.8CVSS8.8AI score0.0028EPSS

CVE•added 2019/12/18 10:15 p.m.•81 views

CVE-2019-11102

Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

4.4CVSS4.9AI score0.00141EPSS

CVE•added 2019/12/18 10:15 p.m.•81 views

CVE-2019-11147

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL...

7.8CVSS8.1AI score0.00391EPSS

CVE•added 2019/12/18 10:15 p.m.•80 views

CVE-2019-0168

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

4.4CVSS4.9AI score0.00141EPSS

CVE•added 2019/12/18 10:15 p.m.•80 views

CVE-2019-11106

Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7CVSS7AI score0.00127EPSS

CVE•added 2019/12/18 10:15 p.m.•78 views

CVE-2019-11097

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45,13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of pri...

7.8CVSS8.1AI score0.00089EPSS

CVE•added 2019/12/18 10:15 p.m.•76 views

CVE-2019-11104

Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8CVSS8.1AI score0.00148EPSS

CVE•added 2019/12/18 10:15 p.m.•75 views

CVE-2019-11101

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

4.4CVSS4.9AI score0.00147EPSS

CVE•added 2019/12/18 10:15 p.m.•69 views

CVE-2019-11087

6.7CVSS6.7AI score0.00147EPSS

CVE•added 2019/12/18 10:15 p.m.•69 views

CVE-2019-11110

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7CVSS7.1AI score0.00072EPSS