CVE-2018-12191
published 2019-03-14CVE-2018-12191: Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions…
high7.6CVSS 3.1
AVPACLPRNUINSCCHIHAH
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| intel | converged_security_management_engine_firmware | >= 11.0 < 11.8.60 | 11.8.60 |
| intel | converged_security_management_engine_firmware | >= 11.10 < 11.11.60 | 11.11.60 |
| intel | converged_security_management_engine_firmware | >= 11.20 < 11.22.60 | 11.22.60 |
| intel | converged_security_management_engine_firmware | >= 12.0.0 < 12.0.20 | 12.0.20 |
| intel | server_platform_services_firmware | >= 4.00.04.367 < 4.00.04.383 | 4.00.04.383 |
| intel | server_platform_services_firmware | >= 4.01.00.152.0 < 4.01.02.174 | 4.01.02.174 |
| intel | trusted_execution_engine_firmware | >= 3.0 < 3.1.60 | 3.1.60 |
| intel | trusted_execution_engine_firmware | >= 4.0 < 4.0.10 | 4.0.10 |