K12445504 : Intel CSME vulnerabilities CVE-2020-0541, CVE-2020-0542, CVE-2020-0545

2020-06-1800:00:00

my.f5.com

AI Score

6.3

Confidence

High

EPSS

Percentile

14.2%

JSON

Security Advisory Description

CVE-2020-0541

Out-of-bounds write in subsystem for Intel® CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2020-0542

Improper buffer restrictions in subsystem for Intel® CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.

CVE-2020-0545

Integer overflow in subsystem for Intel® CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel® TXE versions before 3.1.75, 4.0.25 and Intel® Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.

Impact

There is no impact; F5 products are not affected by this vulnerability.