CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2019-0153

CVSS 9.8v3.0pub. 2019-05-17upd. 2024-11-21

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Converged Security Management Engine Firmware

    APP
    Intel
    < 12.0.35
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2020-0534HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and...

CVE-2020-0536HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, ...

CVE-2020-0542HIGH7.8ten sam produkt

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5...