Vulnerabilities > CVE-2019-0169 - Out-of-bounds Write vulnerability in Intel products

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

intel

CWE-787

NVD

Published: 2019-12-18

Updated: 2024-11-21

Summary

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Trusted Execution Engine Firmware 4.0 Intel Trusted Execution Engine Firmware 4.0.5 Intel Trusted Execution Engine Firmware 4.0.10 Intel Trusted Execution Engine Firmware 4.0.15 Intel Trusted Execution Engine Firmware 4.0.20 Intel Trusted Execution Engine Firmware 3.0 Intel Trusted Execution Engine Firmware 3.1.50 Intel Trusted Execution Engine Firmware 3.1.60 Intel Trusted Execution Engine Firmware 3.1.65 Intel Trusted Execution Engine Firmware 3.1.70 Intel Converged Security Management Engine Firmware 12.0 Intel Converged Security Management Engine Firmware 12.0.0 Intel Converged Security Management Engine Firmware 12.0.5 Intel Converged Security Management Engine Firmware 12.0.10 Intel Converged Security Management Engine Firmware 12.0.20 Intel Converged Security Management Engine Firmware 12.0.35 Intel Converged Security Management Engine Firmware 11.20 Intel Converged Security Management Engine Firmware 11.21.51 Intel Converged Security Management Engine Firmware 11.22.0 Intel Converged Security Management Engine Firmware 11.22.60 Intel Converged Security Management Engine Firmware 11.22.65 Intel Converged Security Management Engine Firmware 11.10 Intel Converged Security Management Engine Firmware 11.11.50 Intel Converged Security Management Engine Firmware 11.11.55 Intel Converged Security Management Engine Firmware 11.11.60 Intel Converged Security Management Engine Firmware 11.11.65 Intel Converged Security Management Engine Firmware 11.0 Intel Converged Security Management Engine Firmware 11.8.50 Intel Converged Security Management Engine Firmware 11.8.55 Intel Converged Security Management Engine Firmware 11.8.60 Intel Converged Security Management Engine Firmware 11.8.65	33

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References