CVE-2019-11102

Name of the Vulnerable Software and Affected Versions Intel(R) DAL software for Intel(R) CSME versions prior to 11.8.70 Intel(R) DAL software for Intel(R) CSME versions prior to 11.11.70 Intel(R) DAL software for Intel(R) CSME versions prior to 11.22.70 Intel(R) DAL software for Intel(R) CSME versions prior to 12.0.45 Intel(R) DAL software for Intel(R) CSME versions prior to 13.0.10 Intel(R) DAL software for Intel(R) CSME versions prior to 14.0.10 Intel(R) TXE versions prior to 3.1.70 Intel(R) TXE versions prior to 4.0.20

Description The issue is related to insufficient input validation in the Intel(R) DAL software for Intel(R) CSME and Intel(R) TXE, which may allow a privileged user to potentially enable information disclosure via local access. This could allow an attacker to disclose protected information.

Recommendations For Intel(R) DAL software for Intel(R) CSME versions prior to 11.8.70, update to version 11.8.70 or later. For Intel(R) DAL software for Intel(R) CSME versions prior to 11.11.70, update to version 11.11.70 or later. For Intel(R) DAL software for Intel(R) CSME versions prior to 11.22.70, update to version 11.22.70 or later. For Intel(R) DAL software for Intel(R) CSME versions prior to 12.0.45, update to version 12.0.45 or later. For Intel(R) DAL software for Intel(R) CSME versions prior to 13.0.10, update to version 13.0.10 or later. For Intel(R) DAL software for Intel(R) CSME versions prior to 14.0.10, update to version 14.0.10 or later. For Intel(R) TXE versions prior to 3.1.70, update to version 3.1.70 or later. For Intel(R) TXE versions prior to 4.0.20, update to version 4.0.20 or later.