Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Converged_security_management_engine_firmware
(Intel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 44 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-12-18 | CVE-2019-11104 | Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11103 | Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11101 | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11087 | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-0168 | Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-0165 | Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. | Converged_security_management_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11110 | Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11108 | Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware | N/A | ||
| 2019-12-18 | CVE-2019-11106 | Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware, Trusted_execution_engine_firmware | N/A | ||
| 2019-05-17 | CVE-2019-0170 | Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. | Converged_security_management_engine_firmware | 6.7 |