HIGH✓ PATCH🇬🇧 English

CVE-2020-0536

CVSS 7.5v3.1pub. 2020-06-15upd. 2024-11-21

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Intel Converged Security Management Engine Firmware

    OS
    Intel
    11.0 – 11.8.77 (bez)11.10 – 11.12.77 (bez)11.20 – 11.22.77 (bez)12.0 – 12.0.64 (bez)13.0 – 13.0.32 (bez)14.0 – 14.0.33 (bez)
  • Intel Trusted Execution Engine Firmware

    OS
    Intel
    3.0 – 3.1.75 (bez)4.0 – 4.0.25 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2019-0153CRITICAL9.8ten sam produkt

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to pote...

CVE-2022-38102HIGH7.2ten sam produkt

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versio...

CVE-2022-36392HIGH8.6ten sam produkt

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before version...

CVE-2020-0542HIGH7.8ten sam produkt

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5...

CVE-2020-0534HIGH7.5ten sam produkt

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and...