Integer Overflow Vulnerability in Intel CSME, TXE, and Server Platform Services
CVE-2020-0545

4.4MEDIUM

Key Information:

Vendor

Intel
Status
Intel(r) Csme, Intel(r) Txe, And Intel(r) Sps
Vendor
CVE Published:
15 June 2020

What is CVE-2020-0545?

An integer overflow vulnerability exists in the subsystem of Intel's CSME, TXE, and Server Platform Services. This flaw may be exploited by a privileged user with local access to potentially enable a denial of service condition, affecting the stability and performance of systems reliant on these products. Proper patching is crucial to mitigate the risk posed by this vulnerability.

Affected Version(s)

Intel(R) CSME, Intel(R) TXE, and Intel(R) SPS See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20200611-0006/
x_refsource_CONFIRM
https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_MISC

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.