PT-2019-3844 · Intel · Intel Txe+1
Publicado
2019-11-12
·
Atualizado
2020-08-24
·
CVE-2019-11110
CVSS v3.1
6.7
Média
| Vetor | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel CSME versions prior to 11.8.70
Intel CSME versions prior to 11.11.70
Intel CSME versions prior to 11.22.70
Intel CSME versions prior to 12.0.45
Intel CSME versions prior to 13.0.10
Intel CSME versions prior to 14.0.10
Intel TXE versions prior to 3.1.70
Intel TXE versions prior to 4.0.20
Description
The issue is related to authentication bypass in the Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) subsystems, which may allow a privileged user to potentially enable escalation of privilege via local access. This is due to errors in authentication.
Recommendations
For Intel CSME versions prior to 11.8.70, update to version 11.8.70 or later.
For Intel CSME versions prior to 11.11.70, update to version 11.11.70 or later.
For Intel CSME versions prior to 11.22.70, update to version 11.22.70 or later.
For Intel CSME versions prior to 12.0.45, update to version 12.0.45 or later.
For Intel CSME versions prior to 13.0.10, update to version 13.0.10 or later.
For Intel CSME versions prior to 14.0.10, update to version 14.0.10 or later.
For Intel TXE versions prior to 3.1.70, update to version 3.1.70 or later.
For Intel TXE versions prior to 4.0.20, update to version 4.0.20 or later.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Intel Csme
Intel Txe