CVE-2019-0170 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Intel Converged Security Management Engine Firmware

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
6.7MEDIUMNVD
EPSS
0.1%
top 78.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Converged Security Management Engine Firmware
Timeline
PublishedMay 17
Latest updateMay 24

Description

Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-wj7f-g5mv-8r59: Buffer overflow in subsystem in Intel(R) DAL before version 12↗2022-05-24
â–¶
CVEList
CVE-2019-0170: Buffer overflow in subsystem in Intel(R) DAL before version 12↗2019-05-17
â–¶
CVE-2019-0170 — Intel vulnerability | cvebase