cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-38102,https://securityvulnerability.io/vulnerability/CVE-2022-38102,Improper Input Validation in Intel Converged Security and Management Engine Affects User Access,"A flaw in the firmware of Intel Converged Security and Management Engine allows improperly validated inputs, enabling a privileged user to potentially induce a denial of service scenario through local access. This could result in operational disruptions if exploited, impacting system integrity and availability.",Intel,Intel(r) Converged Security And Management Engine,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-08-11T02:36:56.232Z,0
CVE-2021-33087,https://securityvulnerability.io/vulnerability/CVE-2021-33087,Improper Authentication in Intel NUC M15 Laptop Kit Management Engine Driver Pack,"The installer for the Intel NUC M15 Laptop Kit Management Engine Driver Pack prior to version 15.0.10.1508 contains a flaw that may allow an authenticated user to exploit local access, potentially leading to a denial of service condition. This issue underscores the importance of securing installation processes and highlights the need for timely updates to mitigate such risks.",Intel,Intel(r) Nuc M15 Laptop Kit Management Engine Driver Pack,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-17T18:53:57.000Z,0
CVE-2019-11097,https://securityvulnerability.io/vulnerability/CVE-2019-11097,Improper Directory Permissions in Intel Management Engine Driver,"The vulnerability involves improper directory permissions in the installer for Intel Management Engine Consumer Driver and TXE, potentially allowing an authenticated user to escalate privileges through local access. This can lead to unauthorized access and manipulation of system functionalities. Users are encouraged to update to the latest versions to mitigate potential risks.",Intel,Intel(r) Management Engine,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-12-18T21:08:22.000Z,0
CVE-2019-0093,https://securityvulnerability.io/vulnerability/CVE-2019-0093,Insufficient Data Sanitization Vulnerability in Intel CSME and SPS Systems,"A significant vulnerability in the Intel HECI subsystem affects the CSME and SPS products, due to insufficient data sanitization. This flaw allows a privileged user to potentially disclose sensitive information through local access. Users operating under these affected versions are urged to evaluate their systems and apply necessary updates to safeguard against potential exploits.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0091,https://securityvulnerability.io/vulnerability/CVE-2019-0091,Code Injection Vulnerability in Intel CSME and TXE Products,"A code injection vulnerability exists in the installer for Intel CSME and Intel TXE, which may enable an unprivileged user to escalate their privileges through local access. Affected versions include CSME versions earlier than 11.8.65, 11.11.65, 11.22.65, and 12.0.35, as well as TXE versions prior to 3.1.65 and 4.0.15. Users are advised to update to the latest versions to mitigate this risk.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel (r) Trusted Execution Engine Interface (txe)",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0090,https://securityvulnerability.io/vulnerability/CVE-2019-0090,Insufficient Access Control in Intel(R) CSME and Server Platform Services,"An insufficient access control vulnerability exists in the Intel(R) CSME, TXE, and Server Platform Services prior to specific versions. This flaw could allow an unauthenticated user with physical access to exploit the vulnerability and potentially escalate privileges, posing significant security risks to affected systems.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",7.1,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0153,https://securityvulnerability.io/vulnerability/CVE-2019-0153,Buffer Overflow Vulnerability in Intel CSME Products,"A buffer overflow vulnerability exists within the Intel CSME subsystem, present in versions 12.0.0 through 12.0.34. This flaw may allow an unauthenticated user to exploit the vulnerability remotely, potentially leading to privilege escalation. It is crucial for users of affected products to apply the recommended updates to mitigate associated risks.",Intel,Intel(r) Converged Security & Management Engine (csme),9.8,CRITICAL,0.0024399999529123306,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0086,https://securityvulnerability.io/vulnerability/CVE-2019-0086,Insufficient Access Control in Intel Dynamic Application Loader Software,"An insufficient access control vulnerability exists in the Dynamic Application Loader for Intel software. Unprivileged users may exploit this vulnerability to escalate their privileges through local access, potentially compromising system integrity. The affected versions include Intel CSME prior to 11.8.65 and certain releases thereafter, as well as specific versions of Intel TXE.",Intel,"Intel(r) Converged Security & Management Engine (csme) Dynamic Application Loader, Intel (r) Trusted Execution Engine Interface (txe)",7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0098,https://securityvulnerability.io/vulnerability/CVE-2019-0098,Logic Bug Vulnerability in Intel CSME and TXE Products,"A logic bug has been identified in the Intel CSME before version 12.0.35 and Intel TXE before versions 3.1.65 and 4.0.15. This vulnerability allows an unauthenticated user with physical access to potentially escalate privileges, posing a significant security threat. Organizations using affected products should consider mitigations and updates to safeguard their systems from unauthorized access.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel (r) Trusted Execution Engine Interface (txe)",6.8,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2018-12189,https://securityvulnerability.io/vulnerability/CVE-2018-12189,,"Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12199,https://securityvulnerability.io/vulnerability/CVE-2018-12199,,"Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12190,https://securityvulnerability.io/vulnerability/CVE-2018-12190,,"Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12200,https://securityvulnerability.io/vulnerability/CVE-2018-12200,,Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.,Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12208,https://securityvulnerability.io/vulnerability/CVE-2018-12208,,"Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.6,HIGH,0.003539999946951866,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12191,https://securityvulnerability.io/vulnerability/CVE-2018-12191,,"Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.6,HIGH,0.003539999946951866,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12198,https://securityvulnerability.io/vulnerability/CVE-2018-12198,,Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.,Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12185,https://securityvulnerability.io/vulnerability/CVE-2018-12185,,"Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.8,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12187,https://securityvulnerability.io/vulnerability/CVE-2018-12187,,"Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12188,https://securityvulnerability.io/vulnerability/CVE-2018-12188,,"Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",4.6,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12192,https://securityvulnerability.io/vulnerability/CVE-2018-12192,,"Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.8,MEDIUM,0.0012600000482052565,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12196,https://securityvulnerability.io/vulnerability/CVE-2018-12196,,"Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-3643,https://securityvulnerability.io/vulnerability/CVE-2018-3643,,"A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.",Intel,Intel(r) Converged Security And Management Engine (csme) And Intel(r) Server Platform Services Firmware,8.2,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-09-12T19:29:00.000Z,0
CVE-2018-3627,https://securityvulnerability.io/vulnerability/CVE-2018-3627,,Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.,Intel,Intel Converged Security Management Engine (intel Csme),8.2,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2018-07-10T21:00:00.000Z,0
CVE-2017-5708,https://securityvulnerability.io/vulnerability/CVE-2017-5708,,Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.,Intel,Manageability Engine,7.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2017-11-21T14:29:00.000Z,0
CVE-2017-5705,https://securityvulnerability.io/vulnerability/CVE-2017-5705,,Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.,Intel,Manageability Engine,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-11-21T14:29:00.000Z,0