Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
2019-12-18T22:15:13.457
2024-11-21T04:20:37.420
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:L/Au:N/C:P/I:P/A:P
3.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | intel | intel-sa-00125_detection_tool | ≤ 1.0.45.0 | Yes |
| Application | intel | sa-00086_detection_tool | ≤ 1.2.7.0 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 11.8.70 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 11.11.70 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 11.22.70 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 12.0.45 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 13.0.0 | Yes |
| Operating System | intel | converged_security_management_engine_firmware | < 14.0.10 | Yes |
| Operating System | intel | trusted_execution_engine_firmware | < 3.1.70 | Yes |
| Operating System | intel | trusted_execution_engine_firmware | < 4.0.20 | Yes |