Vulnerability Details CVE-2020-0545
Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.9%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf
- https://kc.mcafee.com/corporate/index?page=content&id=SB10321
- https://security.netapp.com/advisory/ntap-20200611-0006/
- https://support.lenovo.com/de/en/product_security/len-30041
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf
- https://kc.mcafee.com/corporate/index?page=content&id=SB10321
- https://security.netapp.com/advisory/ntap-20200611-0006/
- https://support.lenovo.com/de/en/product_security/len-30041
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
Products affected by CVE-2020-0545
-
cpe:2.3:a:intel:server_platform_services:*
-
cpe:2.3:a:intel:server_platform_services:sps_e3_04.01.04.054.0
-
cpe:2.3:a:intel:server_platform_services:sps_e5_04.00.04.381.0
-
cpe:2.3:a:intel:server_platform_services:sps_soc-a_04.00.04.181.0
-
cpe:2.3:a:intel:server_platform_services:sps_soc-x_04.00.04.086.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.10
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.50
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.55
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.60
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.65
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.70
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.77
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.79
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.20
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.21.51
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.22.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.22.60
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.22.65
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.22.70
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.50
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.55
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.60
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.65
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.70
-
cpe:2.3:o:intel:trusted_execution_engine:*
-
cpe:2.3:o:intel:trusted_execution_engine:3.0