CVE-2018-12208 (converged_security_management_engine_firmware, server_platform_services_firmware, trusted_execution_engine_firmware)

Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version may allow an unauthenticated user to potentially execute arbitrary code via physical access.
Source: NIST

Leave a Reply

Your email address will not be published. Required fields are marked *