Intel Manageability Engine Firmware 9.1.41.3024

CPE Details

Intel Manageability Engine Firmware 9.1.41.3024
intel
manageability_engine_firmware
9.1.41.3024
2017-12-05
17h47 +00:00
2021-05-25
19h28 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:intel:manageability_engine_firmware:9.1.41.3024:*:*:*:*:*:*:*

Informations

Vendor

intel

Product

manageability_engine_firmware

Version

9.1.41.3024

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2018-3616 2018-09-12 19h00 +00:00 Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
5.9
Moyen
CVE-2018-3657 2018-09-12 19h00 +00:00 Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
6.7
Moyen
CVE-2018-3658 2018-09-12 19h00 +00:00 Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
5.3
Moyen
CVE-2017-5711 2017-11-21 14h00 +00:00 Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
7.8
Haute
CVE-2017-5712 2017-11-21 14h00 +00:00 Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
7.2
Haute
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.