CVE Vulnerabilities

CVE-2019-11110

Published: Dec 18, 2019 | Modified: Aug 24, 2020
CVSS 3.x
6.7
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access.

Affected Software

Name Vendor Start Version End Version
Converged_security_management_engine_firmware Intel 11.0 *
Converged_security_management_engine_firmware Intel 11.10 *
Converged_security_management_engine_firmware Intel 11.20 *
Converged_security_management_engine_firmware Intel 12.0 *
Converged_security_management_engine_firmware Intel 13.0 *
Converged_security_management_engine_firmware Intel 14.0.0 *
Trusted_execution_engine_firmware Intel 3.0 *
Trusted_execution_engine_firmware Intel 4.0 *

References