CVE-2020-0542

CVE Database · CVE-2020-0542

CVE-2020-0542

· HIGHModified

CVSS v3.1

7.8

EPSS

0.40%

Published

Jun 15, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products (7)

intel · converged_security_management_engine_firmware (up to 11.8.77)vulnerable

intel · converged_security_management_engine_firmware (up to 11.12.77)vulnerable

intel · converged_security_management_engine_firmware (up to 11.22.77)vulnerable

intel · converged_security_management_engine_firmware (up to 12.0.64)vulnerable

intel · converged_security_management_engine_firmware (up to 13.0.32)vulnerable

intel · converged_security_management_engine_firmware (up to 14.0.33)vulnerable

intel · converged_security_management_engine_firmwarevulnerable

References (8)

https://security.netapp.com/advisory/ntap-20200611-0006/