Intel(R) CSME before versions 11.8.70 Improper Input Validation Vulnerability

Summary

Intel(R) CSME before versions 11.8.70 suffers from improper input validation vulnerability

Credit:

The information has been provided by Daniel Moghimi 

The original article can be found at:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html


Details

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.

 

Vulnerable Systems:

Intel(R) CSME before versions 11.8.70

Intel(R) CSME before versions 12.0.45

Intel(R) CSME before versions 13.0.10

Intel(R) TXE before versions 3.1.70

Intel(R) TXE before versions 4.0.20

 

CVE Information:

CVE-2019-0168

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: News