Vulnerabilities > Intel > Converged Security Management Engine Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2022-29871 | Unspecified vulnerability in Intel Converged Security Management Engine Firmware Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-08-11 | CVE-2022-36392 | Unspecified vulnerability in Intel Converged Security Management Engine Firmware Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access. | 7.5 |
| 2019-06-13 | CVE-2018-12147 | Improper Input Validation vulnerability in Intel products Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access. | 7.2 |
| 2019-05-17 | CVE-2019-0153 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Converged Security Management Engine Firmware 12.0.5 Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 7.5 |
| 2019-05-17 | CVE-2019-0098 | Unspecified vulnerability in Intel products Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 7.2 |
| 2019-03-14 | CVE-2018-12199 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel products Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access. | 7.2 |
| 2019-03-14 | CVE-2018-12192 | Improper Authentication vulnerability in Intel products Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access. | 7.2 |
| 2019-03-14 | CVE-2018-12191 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel products Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access. | 7.2 |