PT-2019-1626 · Intel · Intel Server Platform Services+2
Publicado
2019-03-12
·
Atualizado
2020-09-10
·
CVE-2018-12191
CVSS v3.1
7.6
Alta
| Vetor | AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel Converged Security and Manageability Engine (CSME) versions prior to 11.8.60, 11.11.60, 11.22.60 or 12.0.20
Intel Trusted Execution Engine (TXE) versions prior to 3.1.60 or 4.0.10
Intel Server Platform Services (SPS) versions prior to 4.00.04.383 or SPS 4.01.02.174
Description
The issue is related to a buffer overflow in memory, which can be exploited to execute arbitrary code. An unauthenticated user with physical access may potentially exploit this issue.
Recommendations
For Intel Converged Security and Manageability Engine (CSME) versions prior to 11.8.60, 11.11.60, 11.22.60 or 12.0.20, update to version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or later.
For Intel Trusted Execution Engine (TXE) versions prior to 3.1.60 or 4.0.10, update to version 3.1.60 or 4.0.10 or later.
For Intel Server Platform Services (SPS) versions prior to 4.00.04.383 or SPS 4.01.02.174, update to version 4.00.04.383 or SPS 4.01.02.174 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Intel Converged Security/Manageability Engine
Intel Server Platform Services
Intel Trusted Execution Engine