Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HIntel Converged Security Management Engine Firmware
APPIntel< 12.0.35
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
Related vulnerabilities
CVE-2022-38102HIGH7.2ten sam produkt
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...
CVE-2022-36392HIGH8.6ten sam produkt
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...
CVE-2020-0534HIGH7.5ten sam produkt
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and...
CVE-2020-0536HIGH7.5ten sam produkt
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, ...
CVE-2020-0542HIGH7.8ten sam produkt
Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5...