exploitDog

GHSA-2vhx-cw73-6rc9

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.6

Описание

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Ссылки

EPSS

Процентиль: 56%

0.00332

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-119

Связанные уязвимости

CVE-2018-12208

CVSS3: 7.6

nvd

почти 7 лет назад

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

BDU:2019-01177

CVSS3: 7.1

fstec

почти 7 лет назад

Уязвимость подсистемы HECI микропрограммного обеспечения Intel Converged Security and Manageability Engine, Intel Trusted Execution Engine и Intel Server Platform Services, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 56%

0.00332

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-119