HIGH✓ PATCH🇬🇧 English

CVE-2020-0534

CVSS 7.5v3.1pub. 2020-06-15upd. 2024-11-21

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Intel Converged Security Management Engine Firmware

    OS
    Intel
    14.5.1112.0 – 12.0.64 (bez)13.0 – 13.0.32 (bez)14.0 – 14.0.33 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2019-0153CRITICAL9.8ten sam produkt

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to pote...

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2020-0542HIGH7.8ten sam produkt

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5...

CVE-2020-0536HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, ...