Vulnerabilities > CVE-2020-0541 - Out-of-bounds Write vulnerability in Intel Converged Security Management Engine Firmware
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://security.netapp.com/advisory/ntap-20200611-0006/
- https://support.lenovo.com/de/en/product_security/len-30041
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://security.netapp.com/advisory/ntap-20200611-0006/
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://support.lenovo.com/de/en/product_security/len-30041