Converged Security Management Engine Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*
part: o version: * update: *
| Vendor | Intel (929cab12-ac81-57b7-8a87-14c6f331cefb) |
|---|---|
| Product | Converged Security Management Engine Firmware (62b97d09-8d2c-5eea-8094-040d63a90a3b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-38102 |
vulnerable | 2026-06-08 05:47:15.728411 |
Details available
HIGH (7.2)
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
Published: 2023-08-11T02:36:56.232Z
Updated: 2025-02-13T16:32:58.515Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0545 |
vulnerable | 2026-06-08 05:14:35.874969 |
Details available
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.
Published: 2020-06-15T14:00:40.000Z
Updated: 2024-08-04T06:02:52.340Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0542 |
vulnerable | 2026-06-08 05:14:35.457909 |
Details available
Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
Published: 2020-06-15T13:57:47.000Z
Updated: 2024-08-04T06:02:52.336Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0541 |
vulnerable | 2026-06-08 05:14:35.457535 |
Details available
Out-of-bounds write in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.
Published: 2020-06-15T13:59:31.000Z
Updated: 2024-08-04T06:02:52.246Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0539 |
vulnerable | 2026-06-08 05:14:35.456454 |
Details available
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.
Published: 2020-06-15T14:01:05.000Z
Updated: 2024-08-04T06:02:52.348Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0536 |
vulnerable | 2026-06-08 05:14:35.451668 |
Details available
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.
Published: 2020-06-15T14:00:25.000Z
Updated: 2024-08-04T06:02:52.338Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0534 |
vulnerable | 2026-06-08 05:14:35.449699 |
Details available
Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access.
Published: 2020-06-15T13:58:41.000Z
Updated: 2024-08-04T06:02:52.301Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-0533 |
vulnerable | 2026-06-08 05:14:35.448389 |
Details available
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
Published: 2020-06-15T13:58:52.000Z
Updated: 2024-08-04T06:02:52.295Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11147 |
vulnerable | 2026-06-08 05:12:35.835954 |
Details available
Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:07:52.000Z
Updated: 2024-08-04T22:48:08.828Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11110 |
vulnerable | 2026-06-08 05:12:35.083109 |
Details available
Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:10:03.000Z
Updated: 2024-08-04T22:48:07.449Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11108 |
vulnerable | 2026-06-08 05:12:35.050172 |
Details available
Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:10:20.000Z
Updated: 2024-08-04T22:48:08.111Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11106 |
vulnerable | 2026-06-08 05:12:35.049466 |
Details available
Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:09:36.000Z
Updated: 2024-08-04T22:48:08.645Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11105 |
vulnerable | 2026-06-08 05:12:35.049129 |
Details available
Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13.0.10 and 14.0.10 may allow a privileged user to potentially enable escalation of privilege and information disclosure via local access.
Published: 2019-12-18T21:07:58.000Z
Updated: 2024-08-04T22:48:08.334Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11104 |
vulnerable | 2026-06-08 05:12:35.048774 |
Details available
Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:08:17.000Z
Updated: 2024-08-04T22:48:07.456Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11103 |
vulnerable | 2026-06-08 05:12:35.048223 |
Details available
Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Published: 2019-12-18T21:08:27.000Z
Updated: 2024-08-04T22:40:16.327Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11101 |
vulnerable | 2026-06-08 05:12:35.044790 |
Details available
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
Published: 2019-12-18T21:09:13.000Z
Updated: 2024-08-04T22:40:16.376Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-11087 |
vulnerable | 2026-06-08 05:12:35.001089 |
Details available
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege, information disclosure or denial of service via local access.
Published: 2019-12-18T21:09:04.000Z
Updated: 2024-08-04T22:40:16.318Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-0169 |
vulnerable | 2026-06-08 05:12:18.843244 |
Details available
Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
Published: 2019-12-18T21:07:38.000Z
Updated: 2024-08-04T17:44:14.755Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-0168 |
vulnerable | 2026-06-08 05:12:18.841801 |
Details available
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access.
Published: 2019-12-18T21:08:56.000Z
Updated: 2024-08-04T17:44:14.648Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-0165 |
vulnerable | 2026-06-08 05:12:18.839969 |
Details available
Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.
Published: 2019-12-18T21:08:44.000Z
Updated: 2024-08-04T17:44:14.681Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-0098 |
vulnerable | 2026-06-08 05:12:17.332012 |
Details available
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Published: 2019-05-17T15:41:38.000Z
Updated: 2024-08-04T17:37:07.822Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-3659 |
vulnerable | 2026-06-08 05:11:40.744520 |
Details available
A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.
Published: 2018-09-12T19:00:00.000Z
Updated: 2024-09-17T02:20:51.669Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-3655 |
vulnerable | 2026-06-08 05:11:40.732360 |
Details available
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
Published: 2018-09-12T19:00:00.000Z
Updated: 2024-09-17T02:41:44.716Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-3643 |
vulnerable | 2026-06-08 05:11:40.603827 |
Details available
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.
Published: 2018-09-12T19:00:00.000Z
Updated: 2024-09-16T23:56:06.333Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12208 |
vulnerable | 2026-06-08 05:10:41.193323 |
Details available
Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-17T00:16:21.349Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12199 |
vulnerable | 2026-06-08 05:10:40.209549 |
Details available
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T23:51:24.944Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12196 |
vulnerable | 2026-06-08 05:10:40.208818 |
Details available
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T17:04:17.378Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12192 |
vulnerable | 2026-06-08 05:10:40.205252 |
Details available
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T18:49:38.184Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12191 |
vulnerable | 2026-06-08 05:10:40.204874 |
Details available
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T22:09:10.253Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12190 |
vulnerable | 2026-06-08 05:10:40.204492 |
Details available
Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T17:54:51.459Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12189 |
vulnerable | 2026-06-08 05:10:40.204006 |
Details available
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T18:24:24.087Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12188 |
vulnerable | 2026-06-08 05:10:40.203411 |
Details available
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-17T02:06:05.157Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12185 |
vulnerable | 2026-06-08 05:10:40.201349 |
Details available
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Published: 2019-03-14T20:00:00.000Z
Updated: 2024-09-16T22:25:36.918Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-12147 |
vulnerable | 2026-06-08 05:10:39.880809 |
Details available
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
Published: 2019-06-13T15:36:24.000Z
Updated: 2024-08-05T08:30:57.475Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.