Vulnerabilities > Intel > Converged Security Management Engine Firmware > 11.11.65
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-11104 | Improper Input Validation vulnerability in Intel products Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-12-18 | CVE-2019-11101 | Improper Input Validation vulnerability in Intel products Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2019-12-18 | CVE-2019-11087 | Improper Input Validation vulnerability in Intel products Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | 6.7 |
| 2019-12-18 | CVE-2019-0169 | Out-of-bounds Write vulnerability in Intel products Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. | 8.8 |
| 2019-05-17 | CVE-2019-0170 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Converged Security Management Engine Firmware Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2019-05-17 | CVE-2019-0153 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Converged Security Management Engine Firmware Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |
| 2018-09-12 | CVE-2018-3659 | Unspecified vulnerability in Intel products A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access. low complexity intel | 6.8 |
| 2018-09-12 | CVE-2018-3658 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | 5.3 |
| 2018-09-12 | CVE-2018-3657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | 6.7 |
| 2018-09-12 | CVE-2018-3643 | Unspecified vulnerability in Intel products A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code. | 8.2 |