Skip to main content

Converged Security And Management Engine

5 CVEs product

Monthly

CVE-2020-8755 MEDIUM This Month

Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Race Condition Privilege Escalation Intel Converged Security And Management Engine Server Platform Services
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2020-8744 HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine Server Platform Services Trusted Execution Engine +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0093 MEDIUM This Month

Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Management Engine
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2019-0091 HIGH This Week

Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Privilege Escalation Intel RCE Converged Security And Management Engine +1
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2019-0090 HIGH This Week

Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Intel Converged Security And Management Engine Server Platform Services
NVD
CVSS 3.1
7.1
EPSS
0.4%
EPSS 0% CVSS 6.4
MEDIUM This Month

Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Race Condition Privilege Escalation Intel +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Converged Security And Management Engine +5
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Converged Security And Management Engine
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Privilege Escalation Intel +3
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Intel Converged Security And Management Engine +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy