PT-2020-4052 · Intel · Intel Csme
Published
2020-06-09
·
Updated
2020-07-22
·
CVE-2020-0534
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Intel(R) CSME versions prior to 12.0.64
Intel(R) CSME versions prior to 13.0.32
Intel(R) CSME versions prior to 14.0.33
Intel(R) CSME versions prior to 14.5.12
Description:
The issue is caused by insufficient input validation in the DAL subsystem, which may allow an unauthenticated user to potentially enable denial of service via network access. This could be exploited by a remote attacker to cause a denial of service.
Recommendations:
For Intel(R) CSME versions prior to 12.0.64, update to version 12.0.64 or later.
For Intel(R) CSME versions prior to 13.0.32, update to version 13.0.32 or later.
For Intel(R) CSME versions prior to 14.0.33, update to version 14.0.33 or later.
For Intel(R) CSME versions prior to 14.5.12, update to version 14.5.12 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Csme