Maksim Goryachiy

**Name of the Vulnerable Software and Affected Versions** Intel Management Engine Firmware versions 11.0 through 11.20 **Description** The issue is caused by multiple buffer overflows in the Intel Management Engine (ME) firmware, which can allow an attacker to execute arbitrary code. This can be exploited by an attacker with local access to the system. **Recommendations** For Intel Management Engine Firmware versions 11.0 through 11.20, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel Compute Stick systems based on 6th Gen Intel Core processors versions prior to CC047 **Description** The issue allows an attacker with physical access to the system to gain access to personal information. **Recommendations** For versions prior to CC047, update the BIOS to version CC047 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel NUC systems based on 6th Gen Intel Core processors versions prior to KY0045 **Description** The issue may allow an attacker with physical access to the system to gain access to personal information. **Recommendations** For versions prior to KY0045, update the BIOS to version KY0045 or later to resolve the issue.