Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HIntel Trusted Execution Engine
OSIntel< 3.1.804.0 – 4.0.30 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Memory
CWE
Powiązane podatności
CVE-2020-8744HIGH7.8ten sam produkt
Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and ...
CVE-2020-12355MEDIUM6.8ten sam produkt
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE vers...
CVE-2020-0545MEDIUM4.4ten sam produkt
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE v...
CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...
CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...