Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
oryginał ENCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HIntel Converged Security And Management Engine
APPIntel11.8.0 – 11.8.65 (bez)11.11.0 – 11.11.65 (bez)11.22.0 – 11.22.65 (bez)12.0 – 12.0.35 (bez)Intel Trusted Execution Technology
APPIntel3.1.0 – 3.1.65 (bez)4.0 – 4.0.15 (bez)
Powiązane podatności
Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and ...
Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 1...
Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.4...
Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R...
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow att...