CVE-2018-12189

Name of the Vulnerable Software and Affected Versions Intel CSME versions prior to 11.8.60 Intel CSME versions prior to 11.11.60 Intel CSME versions prior to 11.22.60 Intel CSME versions prior to 12.0.20 Intel TXE versions prior to 3.1.60 Intel TXE versions prior to 4.0.10

Description The issue is related to an unhandled exception in the Content Protection subsystem and insufficient input validation in the Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) firmware. This may allow a privileged user to modify data via local access, potentially leading to unauthorized access to protected information.

Recommendations For Intel CSME versions prior to 11.8.60, update to version 11.8.60 or later. For Intel CSME versions prior to 11.11.60, update to version 11.11.60 or later. For Intel CSME versions prior to 11.22.60, update to version 11.22.60 or later. For Intel CSME versions prior to 12.0.20, update to version 12.0.20 or later. For Intel TXE versions prior to 3.1.60, update to version 3.1.60 or later. For Intel TXE versions prior to 4.0.10, update to version 4.0.10 or later.