CVE-2018-12190 (converged_security_management_engine_firmware, trusted_execution_engine_firmware)

Insufficient input validation in Intel CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially execute arbitrary code via local access.
Source: NIST

Leave a Reply

Your email address will not be published. Required fields are marked *