CVE Vulnerabilities

CVE-2020-12297

Published: Nov 12, 2020 | Modified: Jul 21, 2021
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

Affected Software

Name Vendor Start Version End Version
Converged_security_and_manageability_engine Intel * 11.8.80 (excluding)
Converged_security_and_manageability_engine Intel 11.12.0 (including) 11.12.80 (excluding)
Converged_security_and_manageability_engine Intel 11.22.0 (including) 11.22.80 (excluding)
Converged_security_and_manageability_engine Intel 12.0 (including) 12.0.70 (excluding)
Converged_security_and_manageability_engine Intel 14.0 (including) 14.0.45 (excluding)
Converged_security_and_manageability_engine Intel 14.5.0 (including) 14.5.25 (excluding)

References