cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-34424,https://securityvulnerability.io/vulnerability/CVE-2023-34424,Potential Local Access Denial of Service Vulnerability in Intel CSME Firmware,"A vulnerability exists in the firmware of certain Intel CSME versions due to improper input validation. This flaw may allow a privileged user to potentially execute a denial of service attack with local access, impacting the system's functionality. Maintaining robust security practices and applying firmware updates is essential for mitigating associated risks.",Intel(R),Intel(r) Csme,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-14T13:45:42.453Z,0
CVE-2024-21844,https://securityvulnerability.io/vulnerability/CVE-2024-21844,Unauthenticated Denial of Service Vulnerability in Intel(R) CSME Firmware,Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access.,Intel(R),Intel(r) Csme,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-14T13:45:41.918Z,0
CVE-2023-48361,https://securityvulnerability.io/vulnerability/CVE-2023-48361,Potential Firmware Vulnerability Allows Privileged User to Disclose Information via Local Access,Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access.,Intel(R),Intel(r) Csme,2.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-14T13:45:41.346Z,0
CVE-2023-40067,https://securityvulnerability.io/vulnerability/CVE-2023-40067,Physical Access Vulnerability Affects Intel CSME Firmware,"A flaw in the firmware of Intel's Converged Security Management Engine (CSME) poses a significant risk, as it allows for unchecked return values. This vulnerability can potentially enable an unauthenticated user to exploit physical access to escalate privileges within the affected systems. As the attacker may initiate unauthorized actions, immediate updates and security measures are advisable for users of impacted Intel CSME firmware to safeguard their systems against potential threats. For detailed information, refer to the Intel security advisory.",Intel,Intel(r) Csme,5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-14T13:45:40.037Z,0
CVE-2023-32633,https://securityvulnerability.io/vulnerability/CVE-2023-32633,Potential Escalation of Privilege Vulnerability in Intel CSME Installer Software,A vulnerability exists in Intel CSME installer software prior to version 2328.5.5.0 due to improper input validation. This flaw may allow an authenticated user to exploit the issue and potentially escalate privileges through local access. System administrators and users should review affected versions and consider applying necessary updates to mitigate risks associated with this vulnerability.,Intel,Intel(r) Csme Installer Software,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-14T16:45:49.120Z,0
CVE-2023-28389,https://securityvulnerability.io/vulnerability/CVE-2023-28389,Potential Escalation of Privilege Vulnerability in Intel CSME Installer Software,"A security vulnerability exists in Intel CSME installer software versions prior to 2328.5.5.0 due to incorrect default permissions. This flaw allows an authenticated user to potentially escalate privileges through local access. If exploited, it could grant unauthorized access to sensitive system resources, thereby undermining the security posture of affected systems. Users are advised to update to the latest version to mitigate the risk associated with this vulnerability. For additional information, please refer to Intel's advisory.",Intel,Intel(r) Csme Installer Software,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-14T16:45:48.448Z,0
CVE-2022-29871,https://securityvulnerability.io/vulnerability/CVE-2022-29871,Improper Access Control in Intel CSME Software Installer,"The CSME software installer from Intel contains an improper access control vulnerability which may permit an authenticated user to escalate privileges through local access. This weakness affects versions prior to 2239.3.7.0, potentially leading to unauthorized actions within the system. It's essential for users to update to the latest version to mitigate this risk.",Intel,Intel(r) Csme Software Installer,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-08-11T02:36:56.839Z,0
CVE-2022-36392,https://securityvulnerability.io/vulnerability/CVE-2022-36392,Improper Input Validation in Intel AMT and Standard Manageability Firmware,"The vulnerability arises from improper input validation present in specific firmware versions for Intel(R) AMT and Intel(R) Standard Manageability. This flaw may allow an unauthenticated user to perform actions that could result in a denial of service via network access, potentially disrupting the functionality of affected systems. Users and administrators should ensure their firmware is updated to the latest versions to mitigate this risk and maintain secure operations.",Intel,Intel(r) Amt And Intel(r) Standard Manageability In Intel (r) Csme,8.6,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2023-08-11T02:36:55.653Z,0
CVE-2022-26047,https://securityvulnerability.io/vulnerability/CVE-2022-26047,Improper Input Validation in Intel Wireless Products,"An improper input validation flaw exists in certain Intel wireless products, including Intel PROSet/Wireless WiFi, Intel vPro CSME WiFi, and Killer WiFi. This vulnerability could potentially allow an unauthenticated user to trigger a denial of service condition by gaining local access. Users of the affected products are advised to implement necessary mitigations as outlined in Intel's security advisory.",Intel,"Intel(r) Proset/wireless Wifi, Intel Vpro(r) Csme Wifi And Killer(tm) Wifi Products",6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-11-11T15:49:13.792Z,0
CVE-2020-24506,https://securityvulnerability.io/vulnerability/CVE-2020-24506,Out of Bound Read in Intel CSME Affecting Multiple Versions,"An out-of-bounds read vulnerability exists in Intel's CSME subsystem that may allow a privileged user to access sensitive information through local access. This flaw affects multiple Intel CSME versions prior to specified updates, potentially leading to information disclosure if exploited. For detailed information and mitigation steps, refer to Intel's advisory and related security documents.",Intel,Intel(r) Csme Versions,4.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-06-09T18:48:44.000Z,0
CVE-2020-8703,https://securityvulnerability.io/vulnerability/CVE-2020-8703,Buffer Restriction Flaw in Intel CSME Products,"An improper buffer restriction issue exists within the Intel CSME subsystem, affecting multiple versions prior to 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, and 15.0.22. This flaw allows a privileged user with local access to potentially escalate their privileges, posing serious security risks to system integrity. Users are encouraged to update to the latest versions to mitigate the risk associated with this vulnerability.",Intel,Intel(r) Csme Versions,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-09T18:48:39.000Z,0
CVE-2020-24516,https://securityvulnerability.io/vulnerability/CVE-2020-24516,Privilege Escalation Vulnerability in Intel CSME Software,"A vulnerability exists in Intel's CSME software that may allow an unauthenticated user to modify data that is assumed to be immutable. This could potentially lead to privilege escalation through physical access to the affected systems. To mitigate the risks associated with this issue, it is essential for users to apply the latest firmware updates provided by Intel, which address this security flaw and improve overall system integrity.",Intel,Intel(r) Csme Versions,6.8,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2021-06-09T18:47:56.000Z,0
CVE-2020-24507,https://securityvulnerability.io/vulnerability/CVE-2020-24507,Information Disclosure Vulnerability in Intel CSME Products,"Improper initialization in a subsystem of Intel CSME could allow a privileged user to potentially exploit local access, leading to potential information disclosure. This vulnerability exists in multiple versions of Intel CSME, permitting unauthorized users to access sensitive information if exploited. It highlights the importance of maintaining updated security practices to mitigate such risks.",Intel,Intel(r) Csme Versions,4.4,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-06-09T18:47:46.000Z,0
CVE-2020-8755,https://securityvulnerability.io/vulnerability/CVE-2020-8755,Race Condition Vulnerability in Intel CSME and SPS Products,"A race condition exists in the Intel CSME and SPS subsystems that may allow an unauthenticated user with physical access to escalate their privileges. Affected versions of these products could potentially be exploited, resulting in significant security risks. Organizations should review the Intel security advisories for mitigation strategies and updates to prevent exploitation.",Intel,"Intel(r) Csme, Intel(r) Sps",6.4,MEDIUM,0.0012100000167265534,false,,false,false,false,,,false,false,,2020-11-12T18:09:17.000Z,0
CVE-2020-8761,https://securityvulnerability.io/vulnerability/CVE-2020-8761,Inadequate Encryption in Intel CSME Versions Prior to 13.0.40,"A vulnerability exists in the subsystem for Intel CSME, specifically in versions before 13.0.40 and 13.30.10. This flaw allows an unauthenticated user with physical access to the system to exploit weak encryption mechanisms. As a result, there is potential for unauthorized information disclosure, raising concerns about data protection and system integrity. Organizations using affected versions must take immediate action to mitigate risks associated with this vulnerability.",Intel,Intel(r) Csme,4.6,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2020-11-12T18:08:46.000Z,0
CVE-2020-8751,https://securityvulnerability.io/vulnerability/CVE-2020-8751,Insufficient Control Flow Management in Intel CSME and TXE Products,"The vulnerability arises from insufficient control flow management in the Intel CSME and TXE subsystems. This flaw potentially allows an unauthenticated user to gain access to sensitive information through physical access, posing a security risk for systems utilizing affected versions of these technologies. It is essential for users and organizations to ensure they are running the latest firmware updates to mitigate any potential risks.",Intel,"Intel(r) Csme, Intel(r) Txe",4.6,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2020-11-12T18:08:23.000Z,0
CVE-2020-8756,https://securityvulnerability.io/vulnerability/CVE-2020-8756,Improper Input Validation in Intel(R) CSME Products,"Improper input validation in the Intel(R) CSME subsystem across specific versions allows a privileged user to potentially escalate privileges through local access. This raises concerns regarding the security of systems utilizing affected CSME versions, making it essential for users to update to the latest versions to mitigate potential risks. The vulnerability highlights the importance of rigorous input validation mechanisms in maintaining system integrity and security.",Intel,Intel(r) Csme,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-11-12T18:07:46.000Z,0
CVE-2020-12303,https://securityvulnerability.io/vulnerability/CVE-2020-12303,Use After Free Vulnerability in Intel CSME and TXE Products,"A use after free vulnerability in the Data Access Layer (DAL) subsystem of Intel's CSME and TXE products could potentially allow an authenticated user to escalate their privileges through local access. This issue affects multiple versions of CSME and TXE, making it crucial for users to ensure they are operating on supported and updated versions to mitigate the risks associated with this vulnerability.",Intel,"Intel(r) Csme, Intel(r) Txe",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-11-12T18:07:22.000Z,0
CVE-2020-8705,https://securityvulnerability.io/vulnerability/CVE-2020-8705,Insecure Initialization in Intel Boot Guard and Management Engine,"This vulnerability involves insecure default initialization in Intel's Boot Guard and various CSME versions. It may allow an unauthenticated individual with physical access to potentially escalate privileges, posing a significant security risk. Versions prior to specified releases are at risk, underlining the importance of timely software updates to mitigate potential threats.",Intel,"Intel(r) Boot Guard, Intel(r) Csme, Intel(r) Txe, Intel(r) Sps",6.8,MEDIUM,0.0020000000949949026,false,,false,false,false,,,false,false,,2020-11-12T18:06:24.000Z,0
CVE-2020-8744,https://securityvulnerability.io/vulnerability/CVE-2020-8744,Improper Initialization in Intel CSME and TXE Products,"An improper initialization vulnerability exists in the Intel Common Smart Management Engine (CSME) and Intel Trusted Execution Engine (TXE) versions. This flaw may allow a privileged local user to potentially escalate their privileges, leading to unauthorized actions within the affected systems. It is crucial for users and administrators to understand the implications of this vulnerability and apply the necessary updates to mitigate risks. Reference links provide further details for remediation strategies.",Intel,"Intel(r) Csme Versions, Intel(r) Txe, Intel(r) Sps",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-11-12T18:06:17.000Z,0
CVE-2020-8745,https://securityvulnerability.io/vulnerability/CVE-2020-8745,Insufficient Control Flow Management in Intel CSME and TXE Products,"This vulnerability arises from insufficient control flow management in Intel's CSME and TXE subsystems. An unauthenticated user with physical access could potentially exploit this weakness to escalate privileges, thereby gaining unauthorized control over the system. Effective mitigation requires upgrading to the recommended versions specified by Intel to ensure protection against potential exploitation.",Intel,"Intel(r) Csme, Intel(r) Txe",6.8,MEDIUM,0.0011699999449774623,false,,false,false,false,,,false,false,,2020-11-12T18:06:09.000Z,0
CVE-2020-12297,https://securityvulnerability.io/vulnerability/CVE-2020-12297,Improper Access Control in Intel CSME Driver for Windows Software,"The vulnerability in the Installer for Intel CSME Driver for Windows stems from improper access control, allowing an authenticated user to potentially escalate privileges through local access. Affected versions span across various iterations of the driver, urging users to apply the recommended updates to mitigate potential local exploits. For further technical details, refer to Intel's security advisory.",Intel,"Intel(r) Csme, Intel Txe",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-11-12T18:05:39.000Z,0
CVE-2020-0539,https://securityvulnerability.io/vulnerability/CVE-2020-0539,Path Traversal in Intel DAL and TXE Software,"The vulnerability allows an unprivileged user to exploit a path traversal issue within the Intel DAL and TXE software. This security flaw may result in the potential enablement of denial of service through local access, impacting system stability and performance. The affected software versions prior to specified thresholds must be updated to protect against this issue.",Intel,Intel(r) Amt And Intel(r) Csme,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-06-15T14:01:05.000Z,0
CVE-2020-0545,https://securityvulnerability.io/vulnerability/CVE-2020-0545,"Integer Overflow Vulnerability in Intel CSME, TXE, and Server Platform Services","An integer overflow vulnerability exists in the subsystem of Intel's CSME, TXE, and Server Platform Services. This flaw may be exploited by a privileged user with local access to potentially enable a denial of service condition, affecting the stability and performance of systems reliant on these products. Proper patching is crucial to mitigate the risk posed by this vulnerability.",Intel,"Intel(r) Csme, Intel(r) Txe, And Intel(r) Sps",4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-06-15T14:00:40.000Z,0
CVE-2020-0536,https://securityvulnerability.io/vulnerability/CVE-2020-0536,Input Validation Flaw in Intel CSME and TXE Products,"An improper input validation vulnerability exists in the DAL subsystem of Intel's CSME and TXE products, which could allow an unauthenticated user to potentially exploit the flaw via network access. This could lead to unauthorized information disclosure, exposing sensitive data and creating additional security risks. Users of affected product versions should prioritize updates to mitigate the risk associated with this vulnerability.",Intel,Intel(r) Csme,7.5,HIGH,0.002240000059828162,false,,false,false,false,,,false,false,,2020-06-15T14:00:25.000Z,0