HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2020-0542

CVSS 7.8v3.1pub. 2020-06-15upd. 2024-11-21

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Intel Converged Security Management Engine Firmware

    OS
    Intel
    14.5.1111.10 – 11.12.77 (bez)11.20 – 11.22.77 (bez)11.0 – 11.8.77 (bez)13.0 – 13.0.32 (bez)14.0 – 14.0.33 (bez)12.0 – 12.0.64 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2019-0153CRITICAL9.8ten sam produkt

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to pote...

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2020-0536HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, ...

CVE-2020-0534HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and...