MEDIUM✓ PATCH🇬🇧 English

CVE-2020-0545

CVSS 4.4v3.1pub. 2020-06-15upd. 2024-11-21

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • Intel Converged Security Management Engine Firmware

    OS
    Intel
    11.0 – 11.8.77 (bez)11.10 – 11.12.77 (bez)11.20 – 11.22.77 (bez)
  • Intel Server Platform Services

    APP
    Intel
    sps_e3_04.00.00.000.0 – sps_e3_04.01.04.109.0 (bez)sps_e3_04.08.00.000.0 – sps_e3_04.08.04.070.0 (bez)sps_e5_04.00.00.000.0 – sps_e5_04.01.04.380.0 (bez)sps_soc-a_04.00.00.000.0 – sps_soc-a_04.00.04.211.0 (bez)sps_soc-x_04.00.00.000.0 – sps_soc-x_04.00.04.128.0 (bez)
  • Intel Trusted Execution Engine

    OS
    Intel
    3.0 – 3.1.75 (bez)4.0 – 4.0.25 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2019-0153CRITICAL9.8ten sam produkt

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to pote...

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2022-36348HIGH8.8ten sam produkt

Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticat...

CVE-2020-8744HIGH7.8ten sam produkt

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and ...