Insufficient input validation in HECI subsystem in Intel® CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
[
{
"product": "Intel(R) CSME Assets Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 11.21.55"
}
]
}
]