CVE-2019-0098

Name of the Vulnerable Software and Affected Versions Intel(R) CSME versions prior to 12.0.35 Intel(R) TXE versions prior to 3.1.65 Intel(R) TXE version 4.0.15

Description The issue is related to a logic bug in the subsystem, which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. It is associated with insufficient access control in the Intel Converged Security and Manageability Engine and Intel Trusted Execution Engine, allowing an attacker to potentially elevate their privileges.

Recommendations For Intel(R) CSME versions prior to 12.0.35, update to version 12.0.35 or later. For Intel(R) TXE versions prior to 3.1.65, update to version 3.1.65 or later. For Intel(R) TXE version 4.0.15, update to a version later than 4.0.15.