What is CVE-2020-0545?

CVE-2020-0545 is a medium-severity vulnerability in Intel Converged_security_management_engine_firmware, classified under Integer Overflow or Wraparound. CVSS score: 4.4/10. Published 2020-06-15.

How severe is CVE-2020-0545?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Integer overflow in Intel Converged_security_management_engine_firmware

CVE-2020-0545

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00…

Vulnerability class: Integer Overflow

EPSS: 0.004 (30.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H.

Affected products

Intel Converged_security_management_engine_firmware
Intel Server_platform_services
Intel Trusted_execution_engine
N/a Intel(r) Csme, Txe, And Sps — versions See provided reference

Weakness classification (CWE)

CWE-190 — Integer Overflow or Wraparound

References

secure@intel.com (x_refsource_CONFIRM, x_refsource_MISC, Vendor Advisory)
secure@intel.com (x_refsource_CONFIRM)
secure@intel.com (x_refsource_CONFIRM)
secure@intel.com (x_refsource_CONFIRM)
secure@intel.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-0545?: CVE-2020-0545 is a medium-severity vulnerability in Intel Converged_security_management_engine_firmware, classified under Integer Overflow or Wraparound. CVSS score: 4.4/10. Published 2020-06-15.
How severe is CVE-2020-0545?: Medium severity. CVSS v3 base score is 4.4 out of 10.