Vulnerabilities > Intel > Converged Security AND Manageability Engine
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-26047 | Improper Input Validation vulnerability in Intel products Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access. | 6.5 |
| 2021-06-09 | CVE-2020-24506 | Out-of-bounds Read vulnerability in multiple products Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access. | 2.1 |
| 2021-06-09 | CVE-2020-24507 | Improper Initialization vulnerability in multiple products Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access. | 2.1 |
| 2021-06-09 | CVE-2020-24516 | Unspecified vulnerability in Intel Converged Security and Manageability Engine Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 4.6 |
| 2021-06-09 | CVE-2020-8703 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-12 | CVE-2020-8761 | Inadequate Encryption Strength vulnerability in Intel Converged Security and Manageability Engine 13.30.0 Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2.1 |
| 2020-11-12 | CVE-2020-8756 | Improper Input Validation vulnerability in Intel Converged Security and Manageability Engine Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-12 | CVE-2020-8751 | Information Exposure vulnerability in Intel products Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 2.1 |
| 2020-11-12 | CVE-2020-8745 | Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
| 2020-11-12 | CVE-2020-8705 | Insecure Default Initialization of Resource vulnerability in Intel products Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access. | 4.6 |