Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Intel-sa-00125_detection_tool | Intel | * | 1.0.45.0 (including) |
| Sa-00086_detection_tool | Intel | * | 1.2.7.0 (including) |
| Converged_security_management_engine_firmware | Intel | 11.0 (including) | 11.8.70 (excluding) |
| Converged_security_management_engine_firmware | Intel | 11.10 (including) | 11.11.70 (excluding) |
| Converged_security_management_engine_firmware | Intel | 11.20 (including) | 11.22.70 (excluding) |
| Converged_security_management_engine_firmware | Intel | 12.0 (including) | 12.0.45 (excluding) |
| Converged_security_management_engine_firmware | Intel | 13.0 (including) | 13.0.0 (excluding) |
| Converged_security_management_engine_firmware | Intel | 14.0.0 (including) | 14.0.10 (excluding) |
| Trusted_execution_engine_firmware | Intel | 3.0 (including) | 3.1.70 (excluding) |
| Trusted_execution_engine_firmware | Intel | 4.0 (including) | 4.0.20 (excluding) |