Latest intel converged security management engine firmware Vulnerabilities

CVE-2022-38102
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of servic...
Intel Converged Security Management Engine Firmware<16.1.27
Intel B660
Intel H610
Intel H610e
Intel H670
Intel Hm670
and 93 more
CVE-2022-36392
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME ma...
Intel Converged Security Management Engine Firmware<11.12.94
Intel C232
Intel C236
Intel C420
Intel C422
Intel Cm236
and 134 more
CVE-2022-29871
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware<11.12.94
Intel C232
Intel C236
Intel C420
Intel C422
Intel Cm236
and 437 more
CVE-2020-0545
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before ...
Intel Converged Security Management Engine Firmware>=11.0<11.8.77
Intel Converged Security Management Engine Firmware>=11.10<11.12.77
Intel Converged Security Management Engine Firmware>=11.20<11.22.77
Intel Server Platform Services>=sps_e3_04.00.00.000.0<sps_e3_04.01.04.109.0
Intel Server Platform Services>=sps_e3_04.08.00.000.0<sps_e3_04.08.04.070.0
Intel Server Platform Services>=sps_e5_04.00.00.000.0<sps_e5_04.01.04.380.0
and 4 more
CVE-2020-0541
Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware>=12.0<12.0.64
Intel Converged Security Management Engine Firmware>=13.0<13.0.32
Intel Converged Security Management Engine Firmware>=14.0<14.0.33
Intel Converged Security Management Engine Firmware=14.5.11
CVE-2020-0539
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow...
Intel Converged Security Management Engine Firmware>=11.0<11.8.77
Intel Converged Security Management Engine Firmware>=11.10<11.12.77
Intel Converged Security Management Engine Firmware>=11.20<11.22.77
Intel Converged Security Management Engine Firmware>=12.0<12.0.64
Intel Converged Security Management Engine Firmware>=13.0<13.0.32
Intel Converged Security Management Engine Firmware>=14.0<14.0.33
and 2 more
CVE-2020-0536
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an u...
Intel Converged Security Management Engine Firmware>=11.0<11.8.77
Intel Converged Security Management Engine Firmware>=11.10<11.12.77
Intel Converged Security Management Engine Firmware>=11.20<11.22.77
Intel Converged Security Management Engine Firmware>=12.0<12.0.64
Intel Converged Security Management Engine Firmware>=13.0<13.0.32
Intel Converged Security Management Engine Firmware>=14.0<14.0.33
and 2 more
CVE-2020-0534
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via net...
Intel Converged Security Management Engine Firmware>=12.0<12.0.64
Intel Converged Security Management Engine Firmware>=13.0<13.0.32
Intel Converged Security Management Engine Firmware>=14.0<14.0.33
Intel Converged Security Management Engine Firmware=14.5.11
CVE-2020-0533
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disc...
Intel Converged Security Management Engine Firmware>=11.0<11.8.77
Intel Converged Security Management Engine Firmware>=11.10<11.12.77
Intel Converged Security Management Engine Firmware>=11.20<11.22.77
CVE-2019-14598
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to pot...
Intel Converged Security Management Engine Firmware>=12.0<12.0.48
Intel Converged Security Management Engine Firmware>=12.0<12.0.56
Intel Converged Security Management Engine Firmware>=13.0<13.0.20
Intel Converged Security Management Engine Firmware>=14.0<14.0.10
Netapp Steelstore Cloud Integrated Storage
CVE-2019-11108
Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
CVE-2019-11110
Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privilege...
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=11.10<11.11.70
Intel Converged Security Management Engine Firmware>=11.20<11.22.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
and 2 more
CVE-2019-11147
Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TX...
Intel Intel-sa-00125 Detection Tool<=1.0.45.0
Intel Sa-00086 Detection Tool<=1.2.7.0
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=11.10<11.11.70
Intel Converged Security Management Engine Firmware>=11.20<11.22.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
and 4 more
CVE-2019-11103
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
CVE-2019-11104
Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a...
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=11.10<11.11.70
Intel Converged Security Management Engine Firmware>=11.20<11.22.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
and 2 more
CVE-2019-11101
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a p...
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=11.10<11.11.70
Intel Converged Security Management Engine Firmware>=11.20<11.22.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
and 2 more
CVE-2019-11105
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local a...
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
CVE-2019-11106
Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to ...
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
Intel Trusted Execution Engine Firmware>=3.0<3.1.70
Intel Trusted Execution Engine Firmware>=4.0<4.0.20
CVE-2019-0169
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable...
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=11.10<11.11.70
Intel Converged Security Management Engine Firmware>=11.20<11.22.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Trusted Execution Engine Firmware>=3.0<3.1.70
Intel Trusted Execution Engine Firmware>=4.0<4.0.20
CVE-2019-0168
Intel Converged Security Management Engine Firmware>=11.0<11.8.70
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Trusted Execution Engine Firmware>=3.0<3.1.70
Intel Trusted Execution Engine Firmware>=4.0<4.0.20
CVE-2019-0165
Intel Converged Security Management Engine Firmware>=12.0<12.0.45
Intel Converged Security Management Engine Firmware>=13.0<13.0.10
Intel Converged Security Management Engine Firmware>=14.0.0<14.0.10
CVE-2018-12147
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version...
Intel Converged Security Management Engine Firmware>=11.0<=11.8.50
Intel Converged Security Management Engine Firmware>=11.10<=11.11.50
Intel Converged Security Management Engine Firmware>=11.20<=11.21.51
Intel Server Platform Services Firmware<4.0
Intel Trusted Execution Engine Firmware>=3.0<=3.1.50
CVE-2019-0153
Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Intel Converged Security Management Engine Firmware<12.0.35
CVE-2019-0170
Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Converged Security Management Engine Firmware<12.0.35
CVE-2019-0098
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via ph...
Intel Converged Security Management Engine Firmware>=11.0<11.8.65
Intel Converged Security Management Engine Firmware>=11.10<11.11.65
Intel Converged Security Management Engine Firmware>=11.20<11.22.65
Intel Converged Security Management Engine Firmware>=12.0<12.0.35
Intel Trusted Execution Engine Firmware>=3.0<3.1.65
Intel Trusted Execution Engine Firmware>=4.0<4.0.15
CVE-2019-0086
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unp...
Intel Converged Security Management Engine Firmware>=11.0<11.8.65
Intel Converged Security Management Engine Firmware>=11.10<11.11.65
Intel Converged Security Management Engine Firmware>=11.20<11.22.65
Intel Converged Security Management Engine Firmware>=12.0<12.0.35
Intel Trusted Execution Engine Firmware>=3.0<3.1.65
Intel Trusted Execution Engine Firmware>=4.0<=4.0.15
CVE-2018-12189
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially m...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Trusted Execution Engine Firmware>=3.0<3.1.60
Intel Trusted Execution Engine Firmware>=4.0<4.0.10
CVE-2018-12191
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) T...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Server Platform Services Firmware>=4.00.04.367<4.00.04.383
Intel Server Platform Services Firmware>=4.01.00.152.0<4.01.02.174
and 2 more
CVE-2018-12192
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticate...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Server Platform Services Firmware<sps_e5_04.00.04.393.0
CVE-2018-12196
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
CVE-2018-12188
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify ...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Trusted Execution Engine Firmware>=3.0<3.1.60
Intel Trusted Execution Engine Firmware>=4.0<4.0.10
CVE-2018-12190
Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enabl...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Trusted Execution Engine Firmware>=3.0<3.1.60
Intel Trusted Execution Engine Firmware>=4.0<4.0.10
CVE-2018-12208
Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before ...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Server Platform Services Firmware<5.00.04.012
Intel Trusted Execution Engine Firmware>=3.0<3.1.60
and 1 more
CVE-2018-12199
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
Intel Trusted Execution Engine Firmware>=3.0<3.1.60
Intel Trusted Execution Engine Firmware>=4.0<4.0.10
CVE-2018-12185
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physica...
Intel Converged Security Management Engine Firmware>=11.0<11.8.60
Intel Converged Security Management Engine Firmware>=11.10<11.11.60
Intel Converged Security Management Engine Firmware>=11.20<11.22.60
Intel Converged Security Management Engine Firmware>=12.0.0<12.0.20
CVE-2018-3659
A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via phy...
Intel Converged Security Management Engine Firmware<12.0.5
Intel Trusted Execution Engine Firmware<4.0
CVE-2018-3655
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an u...
Intel Converged Security Management Engine Firmware>=11.0<=11.8.50
Intel Converged Security Management Engine Firmware>=11.10<=11.11.50
Intel Converged Security Management Engine Firmware>=11.20<=11.21.51
Intel Server Platform Services Firmware<4.0
Intel Trusted Execution Engine Firmware>=3.0<=3.1.50
CVE-2018-3616
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key vi...
Intel Converged Security Management Engine Firmware>=11.0.0<12.0.5
Intel Active Management Technology Firmware<12.0.5
Intel Manageability Engine Firmware>=9.0.0.0<11.0
Siemens Simatic Field Pg M5 Firmware<22.01.06
Siemens Simatic Field Pg M5
Siemens Simatic Ipc427e Firmware<21.01.09
and 19 more
CVE-2018-3658
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via netwo...
Siemens Simatic Field Pg M5 Firmware<22.01.06
Siemens Simatic Field Pg M5
Siemens Simatic Ipc427e Firmware<21.01.09
Siemens Simatic Ipc427e
Siemens Simatic Ipc477e Firmware<21.01.09
Siemens Simatic Ipc477e
and 19 more
CVE-2018-3643
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R...
Intel Converged Security Management Engine Firmware<12.0.6
Intel Server Platform Services Firmware<4.00.04
CVE-2018-3657
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via lo...
Siemens Simatic Field Pg M5 Firmware<22.01.06
Siemens Simatic Field Pg M5
Siemens Simatic Ipc427e Firmware<21.01.09
Siemens Simatic Ipc427e
Siemens Simatic Ipc477e Firmware<21.01.09
Siemens Simatic Ipc477e
and 19 more
CVE-2018-3627
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
Intel Converged Security Management Engine Firmware=11.0
Intel Core I3=6006u
Intel Core I3=6098p
Intel Core I3=6100
Intel Core I3=6100e
Intel Core I3=6100h
and 171 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203