Vulnerabilities > Intel > Trusted Execution Technology

DATE CVE VULNERABILITY TITLE RISK
2020-11-12 CVE-2020-8751 Information Exposure vulnerability in Intel products
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.
local
low complexity
intel CWE-200
2.1
2.1
2020-11-12 CVE-2020-8745 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel siemens
6.8
6.8
2020-11-12 CVE-2020-8705 Insecure Default Initialization of Resource vulnerability in Intel products
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access.
local
low complexity
intel CWE-1188
4.6
4.6
2020-11-12 CVE-2020-12303 Use After Free vulnerability in Intel products
Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.
local
low complexity
intel CWE-416
4.6
4.6
2020-11-12 CVE-2020-12297 Improper Privilege Management vulnerability in Intel products
Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.
local
low complexity
intel CWE-269
4.6
4.6
2019-05-17 CVE-2019-0091 Code Injection vulnerability in Intel products
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-94
7.2
7.2
2009-01-07 CVE-2009-0066 Security Bypass vulnerability in Intel Trusted Execution Technology NIL
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot.
network
high complexity
intel
7.6
7.6