Skip to main content

Server Platform Services Firmware

10 CVEs product

Monthly

CVE-2022-29515 MEDIUM This Month

Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-29466 MEDIUM This Month

Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-26074 MEDIUM This Month

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-11109 MEDIUM This Month

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Platform Services Firmware Big Ip B2250 Firmware Big Ip B4300 Firmware +31
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-11090 MEDIUM This Month

Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Intel Information Disclosure Platform Trust Technology Firmware Server Platform Services Firmware +1
NVD
CVSS 3.1
5.9
EPSS
2.3%
CVE-2019-0099 MEDIUM This Month

Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Platform Services Firmware
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-3655 HIGH PATCH This Week

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Intel Information Disclosure Converged Security Management Engine Firmware Server Platform Services Firmware Trusted Execution Engine Firmware
NVD
CVSS 3.0
7.3
EPSS
0.4%
CVE-2018-3643 HIGH PATCH This Week

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Intel RCE Converged Security Management Engine Firmware Server Platform Services Firmware
NVD
CVSS 3.0
8.2
EPSS
0.5%
CVE-2017-5709 HIGH PATCH This Week

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Server Platform Services Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-5706 HIGH PATCH This Week

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Intel Server Platform Services Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
EPSS 0% CVSS 5.5
MEDIUM This Month

Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Server Platform Services Firmware
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Platform Services Firmware +33
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Intel Information Disclosure +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Platform Services Firmware
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Intel Information Disclosure Converged Security Management Engine Firmware +2
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Intel RCE Converged Security Management Engine Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Authentication Bypass Server Platform Services Firmware
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Intel +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy