Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
2019-05-17T16:29:01.017
2024-11-21T04:16:12.890
Modified
CVSSv3.0: 7.8 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | intel | converged_security_and_management_engine | < 11.8.65 | Yes |
| Application | intel | converged_security_and_management_engine | < 11.11.65 | Yes |
| Application | intel | converged_security_and_management_engine | < 11.22.65 | Yes |
| Application | intel | converged_security_and_management_engine | < 12.0.35 | Yes |
| Application | intel | trusted_execution_technology | < 3.1.65 | Yes |
| Application | intel | trusted_execution_technology | < 4.0.15 | Yes |