Vulnerability Details CVE-2019-0165
Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.5%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
References
Products affected by CVE-2019-0165
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.10
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.20
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.35
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.5
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:13.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:13.0.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:14.0.0