Buffer Overflow Vulnerability in Intel CSME Products
CVE-2019-0153
9.8CRITICAL
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 17 May 2019
Summary
A buffer overflow vulnerability exists within the Intel CSME subsystem, present in versions 12.0.0 through 12.0.34. This flaw may allow an unauthenticated user to exploit the vulnerability remotely, potentially leading to privilege escalation. It is crucial for users of affected products to apply the recommended updates to mitigate associated risks.
Affected Version(s)
Intel(R) Converged Security & Management Engine (CSME) Versions before 12.0.35.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved