Intel Converged_security_and_manageability_engine
12 CVEs affecting Intel Converged_security_and_manageability_engine. Latest disclosed: 2022-11-11. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-12303 | High | 7.8 | 2020-11-12 | Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3… |
CVE-2020-12297 | High | 7.8 | 2020-11-12 | Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and… |
CVE-2020-24516 | Medium | 6.8 | 2021-06-09 | Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated… |
CVE-2020-8745 | Medium | 6.8 | 2020-11-12 | Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.2… |
CVE-2020-8705 | Medium | 6.8 | 2020-11-12 | Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14… |
CVE-2020-8703 | Medium | 6.7 | 2021-06-09 | Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and… |
CVE-2020-8756 | Medium | 6.7 | 2020-11-12 | Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potent… |
CVE-2020-8761 | Medium | 4.6 | 2020-11-12 | Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable info… |
CVE-2020-8751 | Medium | 4.6 | 2020-11-12 | Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated u… |
CVE-2020-24507 | Medium | 4.4 | 2021-06-09 | Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11… |
CVE-2020-24506 | Medium | 4.4 | 2021-06-09 | Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentiall… |
CVE-2022-26047 | Medium | 4.3 | 2022-11-11 | Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potent… |