Insufficient Access Control in Intel(R) CSME and Server Platform Services
CVE-2019-0090
7.1HIGH
Key Information:
- Vendor
Intel
- Status
- Vendor
- CVE Published:
- 17 May 2019
What is CVE-2019-0090?
An insufficient access control vulnerability exists in the Intel(R) CSME, TXE, and Server Platform Services prior to specific versions. This flaw could allow an unauthenticated user with physical access to exploit the vulnerability and potentially escalate privileges, posing significant security risks to affected systems.
Affected Version(s)
Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0