CVE-2018-12199

Name of the Vulnerable Software and Affected Versions Intel Converged Security and Manageability Engine (CSME) versions prior to 11.8.60, 11.11.60, 11.22.60, or 12.0.20 Intel Trusted Execution Engine (TXE) versions prior to 3.1.60 or 4.0.10

Description The issue is related to a buffer overflow in memory, which may allow an attacker to execute arbitrary code. This can potentially be exploited by a privileged user with physical access to the system.

Recommendations For Intel Converged Security and Manageability Engine (CSME) versions prior to 11.8.60, 11.11.60, 11.22.60, or 12.0.20, update to version 11.8.60, 11.11.60, 11.22.60, or 12.0.20 or later. For Intel Trusted Execution Engine (TXE) versions prior to 3.1.60 or 4.0.10, update to version 3.1.60, 4.0.10 or later. As a temporary workaround, consider restricting physical access to the system to minimize the risk of exploitation.