Intel Trusted Execution Engine Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Intel Trusted Execution Engine Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2019-0169 — CVSS 8.8 (high): Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and…
CVE-2017-5707 — CVSS 7.8 (high): Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to…
CVE-2017-5710 — CVSS 7.8 (high): Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged…
CVE-2019-11147 — CVSS 7.8 (high): Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70…
CVE-2019-11104 — CVSS 7.8 (high): Insufficient input validation in MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and…
CVE-2019-11097 — CVSS 7.8 (high): Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver for Windows before versions 11.8.70…
CVE-2019-0086 — CVSS 7.8 (high): Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65…
CVE-2018-12208 — CVSS 7.6 (high): Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before…
CVE-2018-12191 — CVSS 7.6 (high): Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services…
CVE-2020-0536 — CVSS 7.5 (high): Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and…
CVE-2018-3655 — CVSS 7.3 (high): A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted…
CVE-2020-0566 — CVSS 6.8 (medium): Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially…
CVE-2018-3659 — CVSS 6.8 (medium): A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an…
CVE-2019-0098 — CVSS 6.8 (medium): Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an…
CVE-2018-12147 — CVSS 6.7 (medium): Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version…
CVE-2019-11087 — CVSS 6.7 (medium): Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10…
CVE-2018-12190 — CVSS 6.7 (medium): Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before…
CVE-2019-11106 — CVSS 6.7 (medium): Insufficient session validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE…
CVE-2019-11110 — CVSS 6.7 (medium): Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10…
CVE-2018-12199 — CVSS 6.2 (medium): Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60…
CVE-2019-11090 — CVSS 5.9 (medium): Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10…
CVE-2020-0539 — CVSS 5.5 (medium): Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32…
CVE-2018-12188 — CVSS 4.6 (medium): Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or…
CVE-2019-11101 — CVSS 4.4 (medium): Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10…
CVE-2019-0168 — CVSS 4.4 (medium): Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions…
CVE-2018-12189 — CVSS 4.4 (medium): Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE…
CVE-2019-11102 — CVSS 4.4 (medium): Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and…