Security Vulnerabilities - CVEs Published In September 2018
A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
CVSS Score
7.3
EPSS Score
0.002
Published
2018-09-12
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
CVSS Score
6.7
EPSS Score
0.003
Published
2018-09-12
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
CVSS Score
5.3
EPSS Score
0.011
Published
2018-09-12
Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.
CVSS Score
6.7
EPSS Score
0.001
Published
2018-09-12
Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-09-12
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
CVSS Score
5.3
EPSS Score
0.0
Published
2018-09-12
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-12
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-09-12
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-09-12
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-09-12