HIGH✓ PATCH🇬🇧 English

CVE-2020-0542

CVSS 7.8v3.1pub. 2020-06-15upd. 2024-11-21

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Intel Converged Security Management Engine Firmware

    OS
    Intel
    14.5.1111.10 – 11.12.77 (bez)11.20 – 11.22.77 (bez)11.0 – 11.8.77 (bez)13.0 – 13.0.32 (bez)14.0 – 14.0.33 (bez)12.0 – 12.0.64 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2019-0153CRITICAL9.8ten sam produkt

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to pote...

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2020-0536HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, ...

CVE-2020-0534HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and...