Intel(R) CSME before versions 12.0.45 Improper Input Validation Vulnerability

Summary

Intel(R) CSME before versions 12.0.45 suffers from improper input validation vulnerability

Credit:

The information has been provided by Daniel Moghimi 

The original article can be found at:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html


Details

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.

 

Vulnerable Systems:

Intel(R) CSME before versions 12.0.45

Intel(R) CSME before versions 13.0.10

Intel(R) CSME before versions 14.0.10

 

CVE Information:

CVE-2019-0165

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: News