Vulnerabilities > Intel > Server Platform Services Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-11 | CVE-2022-29466 | Improper Input Validation vulnerability in Intel Server Platform Services Firmware Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
2022-11-11 | CVE-2022-29515 | Memory Leak vulnerability in Intel Server Platform Services Firmware Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access. | 5.5 |
2022-08-18 | CVE-2022-26074 | Incomplete Cleanup vulnerability in Intel Server Platform Services Firmware Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
2019-12-18 | CVE-2019-11109 | Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
2019-12-18 | CVE-2019-11090 | Race Condition vulnerability in Intel products Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS before versions SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | 5.9 |
2019-06-13 | CVE-2018-12147 | Improper Input Validation vulnerability in Intel products Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access. | 6.7 |
2019-05-17 | CVE-2019-0099 | Unspecified vulnerability in Intel Server Platform Services Firmware Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. low complexity intel | 6.8 |
2019-03-14 | CVE-2018-12198 | Improper Input Validation vulnerability in Intel Server Platform Services Firmware Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access. | 6.0 |
2019-03-14 | CVE-2018-12192 | Improper Authentication vulnerability in Intel products Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access. | 6.8 |