Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HIntel Trusted Execution Engine
OSIntel< 3.1.804.0 – 4.0.30 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
Related vulnerabilities
CVE-2020-8744HIGH7.8ten sam produkt
Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and ...
CVE-2020-12355MEDIUM6.8ten sam produkt
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE vers...
CVE-2020-0545MEDIUM4.4ten sam produkt
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE v...
CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...
CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...