cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-38102,https://securityvulnerability.io/vulnerability/CVE-2022-38102,Improper Input Validation in Intel Converged Security and Management Engine Affects User Access,"A flaw in the firmware of Intel Converged Security and Management Engine allows improperly validated inputs, enabling a privileged user to potentially induce a denial of service scenario through local access. This could result in operational disruptions if exploited, impacting system integrity and availability.",Intel,Intel(r) Converged Security And Management Engine,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-08-11T02:36:56.232Z,0
CVE-2019-0086,https://securityvulnerability.io/vulnerability/CVE-2019-0086,Insufficient Access Control in Intel Dynamic Application Loader Software,"An insufficient access control vulnerability exists in the Dynamic Application Loader for Intel software. Unprivileged users may exploit this vulnerability to escalate their privileges through local access, potentially compromising system integrity. The affected versions include Intel CSME prior to 11.8.65 and certain releases thereafter, as well as specific versions of Intel TXE.",Intel,"Intel(r) Converged Security & Management Engine (csme) Dynamic Application Loader, Intel (r) Trusted Execution Engine Interface (txe)",7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0090,https://securityvulnerability.io/vulnerability/CVE-2019-0090,Insufficient Access Control in Intel(R) CSME and Server Platform Services,"An insufficient access control vulnerability exists in the Intel(R) CSME, TXE, and Server Platform Services prior to specific versions. This flaw could allow an unauthenticated user with physical access to exploit the vulnerability and potentially escalate privileges, posing significant security risks to affected systems.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",7.1,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0098,https://securityvulnerability.io/vulnerability/CVE-2019-0098,Logic Bug Vulnerability in Intel CSME and TXE Products,"A logic bug has been identified in the Intel CSME before version 12.0.35 and Intel TXE before versions 3.1.65 and 4.0.15. This vulnerability allows an unauthenticated user with physical access to potentially escalate privileges, posing a significant security threat. Organizations using affected products should consider mitigations and updates to safeguard their systems from unauthorized access.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel (r) Trusted Execution Engine Interface (txe)",6.8,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0091,https://securityvulnerability.io/vulnerability/CVE-2019-0091,Code Injection Vulnerability in Intel CSME and TXE Products,"A code injection vulnerability exists in the installer for Intel CSME and Intel TXE, which may enable an unprivileged user to escalate their privileges through local access. Affected versions include CSME versions earlier than 11.8.65, 11.11.65, 11.22.65, and 12.0.35, as well as TXE versions prior to 3.1.65 and 4.0.15. Users are advised to update to the latest versions to mitigate this risk.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel (r) Trusted Execution Engine Interface (txe)",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0093,https://securityvulnerability.io/vulnerability/CVE-2019-0093,Insufficient Data Sanitization Vulnerability in Intel CSME and SPS Systems,"A significant vulnerability in the Intel HECI subsystem affects the CSME and SPS products, due to insufficient data sanitization. This flaw allows a privileged user to potentially disclose sensitive information through local access. Users operating under these affected versions are urged to evaluate their systems and apply necessary updates to safeguard against potential exploits.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0153,https://securityvulnerability.io/vulnerability/CVE-2019-0153,Buffer Overflow Vulnerability in Intel CSME Products,"A buffer overflow vulnerability exists within the Intel CSME subsystem, present in versions 12.0.0 through 12.0.34. This flaw may allow an unauthenticated user to exploit the vulnerability remotely, potentially leading to privilege escalation. It is crucial for users of affected products to apply the recommended updates to mitigate associated risks.",Intel,Intel(r) Converged Security & Management Engine (csme),9.8,CRITICAL,0.0024399999529123306,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2018-3643,https://securityvulnerability.io/vulnerability/CVE-2018-3643,,"A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.",Intel,Intel(r) Converged Security And Management Engine (csme) And Intel(r) Server Platform Services Firmware,8.2,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-09-12T19:29:00.000Z,0