CVE-2020-0545

CVE Database · CVE-2020-0545

CVE-2020-0545

· MEDIUMModified

CVSS v3.1

4.4

EPSS

0.39%

Published

Jun 15, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-190

Affected Products (10)

intel · converged_security_management_engine_firmware (up to 11.8.77)vulnerable

intel · converged_security_management_engine_firmware (up to 11.12.77)vulnerable

intel · converged_security_management_engine_firmware (up to 11.22.77)vulnerable

intel · server_platform_services (up to sps_e3_04.01.04.109.0)vulnerable

intel · server_platform_services (up to sps_e3_04.08.04.070.0)vulnerable

intel · server_platform_services (up to sps_e5_04.01.04.380.0)vulnerable

intel · server_platform_services (up to sps_soc-a_04.00.04.211.0)vulnerable