Intel Converged Security And Manageability Engine — known CVE vulnerabilities
Every CVE whose affected-product data names Intel Converged Security And Manageability Engine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-12297 — CVSS 7.8 (high): Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40…
CVE-2020-12303 — CVSS 7.8 (high): Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and…
CVE-2020-8705 — CVSS 6.8 (medium): Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70…
CVE-2020-24516 — CVSS 6.8 (medium): Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow…
CVE-2020-8745 — CVSS 6.8 (medium): Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40…
CVE-2020-8703 — CVSS 6.7 (medium): Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17…
CVE-2020-8756 — CVSS 6.7 (medium): Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a…
CVE-2020-8751 — CVSS 4.6 (medium): Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow…
CVE-2020-8761 — CVSS 4.6 (medium): Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to…
CVE-2020-24506 — CVSS 4.4 (medium): Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a…
CVE-2020-24507 — CVSS 4.4 (medium): Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17…
CVE-2022-26047 — CVSS 4.3 (medium): Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow…