CVE-2022-38102

< 16.1.27

Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1

7.2HIGH

CVE-2022-36392

< 11.12.94

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94,

8.6HIGH

CVE-2022-29871

< 11.12.94

Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to poten

6.7MEDIUM

CVE-2020-0545

>= 11.0 and < 11.8.77

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.7

4.4MEDIUM

CVE-2020-0542

>= 11.0 and < 11.8.77

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an aut

7.8HIGH

CVE-2020-0541

>= 13.0 and < 13.0.32

Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged us

6.7MEDIUM

CVE-2020-0539

>= 11.0 and < 11.8.77

Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0

5.5MEDIUM

CVE-2020-0536

>= 11.0 and < 11.8.77

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.

7.5HIGH

CVE-2020-0534

>= 13.0 and < 13.0.32

Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a

7.5HIGH

CVE-2020-0533

>= 11.0 and < 11.8.77

Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially

6.7MEDIUM

CVE-2019-14598

>= 12.0 and < 12.0.48

Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.

6.7MEDIUM

CVE-2019-11147

>= 11.0 and < 11.8.70

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70

7.8HIGH

CVE-2019-11110

>= 11.0 and < 11.8.70

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10

6.7MEDIUM

CVE-2019-11108

>= 12.0 and < 12.0.45

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to po

6.7MEDIUM

CVE-2019-11106

>= 11.0 and < 11.8.70

Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R)

6.7MEDIUM

CVE-2019-11105

>= 12.0 and < 12.0.45

Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially

6.7MEDIUM

CVE-2019-11104

>= 11.0 and < 11.8.70

Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 a

7.8HIGH

CVE-2019-11103

>= 12.0 and < 12.0.45

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow

7.8HIGH

CVE-2019-11101

>= 11.0 and < 11.8.70

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and

4.4MEDIUM

CVE-2019-11087

>= 11.0 and < 11.8.70

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and

6.7MEDIUM

CVE-2019-0169

>= 11.0 and < 11.8.70

Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1

8.8HIGH

CVE-2019-0168

>= 11.0 and < 11.8.70

Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before

4.4MEDIUM

CVE-2019-0165

>= 12.0 and < 12.0.45

Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privilege

4.4MEDIUM

CVE-2018-12147

>= 11.0 and <= 11.8.50

Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before

6.7MEDIUM

CVE-2019-0170

< 12.0.35

Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation o

6.7MEDIUM

CVE-2019-0153

< 12.0.35

Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escal

9.8CRITICAL

CVE-2019-0098

>= 11.0 and < 11.8.65

Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an una

6.8MEDIUM

CVE-2019-0086

>= 11.0 and < 11.8.65

Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.

7.8HIGH

CVE-2018-12208

>= 11.0 and < 11.8.60

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version

7.6HIGH

CVE-2018-12199

>= 11.0 and < 11.8.60

Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version befo

6.2MEDIUM

CVE-2018-12196

>= 11.0 and < 11.8.60

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a p

6.7MEDIUM

CVE-2018-12192

>= 11.0 and < 11.8.60

Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Ser

6.8MEDIUM

CVE-2018-12191

>= 11.0 and < 11.8.60

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform

7.6HIGH

CVE-2018-12190

>= 11.0 and < 11.8.60

Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE be

6.7MEDIUM

CVE-2018-12189

>= 11.0 and < 11.8.60

Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel

4.4MEDIUM

CVE-2018-12188

>= 11.0 and < 11.8.60

Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1

4.6MEDIUM

CVE-2018-12185

>= 11.0 and < 11.8.60

Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an

6.8MEDIUM

CVE-2018-3659

< 12.0.5

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may all

6.8MEDIUM

CVE-2018-3658

>= 11.0.0 and < 12.0.5

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT

5.3MEDIUM

CVE-2018-3657

>= 11.0.0 and < 12.0.5

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potent

6.7MEDIUM

CVE-2018-3655

>= 11.0 and <= 11.8.50

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel

7.3HIGH

CVE-2018-3643

< 12.0.6

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engin

8.2HIGH

CVE-2018-3616

>= 11.0.0 and < 12.0.5

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allo

5.9MEDIUM

CVE-2018-3627

all versions

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged

8.2HIGH