CVE-2018-12191 (converged_security_management_engine_firmware, server_platform_services_firmware, trusted_execution_engine_firmware)

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions or SPS, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Source: NIST

Leave a Reply

Your email address will not be published. Required fields are marked *