CVE-2019-0093

Name of the Vulnerable Software and Affected Versions Intel Converged Security and Manageability Engine versions prior to 11.8.65 Intel Converged Security and Manageability Engine versions prior to 11.11.65 Intel Converged Security and Manageability Engine versions prior to 11.22.65 Intel Converged Security and Manageability Engine versions prior to 12.0.35 Intel Server Platform Services versions prior to SPS E3 05.00.04.027.0

Description The issue is related to insufficient protection of service data in the HECI subsystem, which may allow a privileged user to potentially enable information disclosure via local access.

Recommendations For Intel Converged Security and Manageability Engine versions prior to 11.8.65, update to version 11.8.65 or later. For Intel Converged Security and Manageability Engine versions prior to 11.11.65, update to version 11.11.65 or later. For Intel Converged Security and Manageability Engine versions prior to 11.22.65, update to version 11.22.65 or later. For Intel Converged Security and Manageability Engine versions prior to 12.0.35, update to version 12.0.35 or later. For Intel Server Platform Services versions prior to SPS E3 05.00.04.027.0, update to version SPS E3 05.00.04.027.0 or later.