Intel Trusted Execution Technology vulnerabilities
7 known vulnerabilities affecting intel/trusted_execution_technology.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-12303HIGHCVSS 7.8v3.1.80v4.0.302020-11-12
CVE-2020-12303 [HIGH] CWE-416 CVE-2020-12303: Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.
Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.
nvd
CVE-2020-12297HIGHCVSS 7.8v3.1.80v4.0.302020-11-12
CVE-2020-12297 [HIGH] CVE-2020-12297: Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 1
Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.
nvd
CVE-2020-8745MEDIUMCVSS 6.8fixed in 3.1.80≥ 4.0, < 4.0.302020-11-12
CVE-2020-8745 [MEDIUM] CVE-2020-8745: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.8
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
nvd
CVE-2020-8751MEDIUMCVSS 4.6fixed in 3.1.802020-11-12
CVE-2020-8751 [MEDIUM] CVE-2020-8751: Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access.
nvd
CVE-2020-8705MEDIUMCVSS 6.8v3.1.80v4.0.302020-11-12
CVE-2020-8705 [MEDIUM] CWE-1188 CVE-2020-8705: Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthent
nvd
CVE-2019-0091HIGHCVSS 7.8≥ 3.1.0, < 3.1.65≥ 4.0, < 4.0.152019-05-17
CVE-2019-0091 [HIGH] CWE-94 CVE-2019-0091: Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
nvd
CVE-2009-0066HIGHCVSS 7.6v_nil_2009-01-07
CVE-2009-0066 [HIGH] CVE-2009-0066: Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT)
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it i
nvd