Privilege Escalation Vulnerability in Intel(R) CSME, Intel® Server Platform Services, and Intel® Trusted Execution Engine Firmware

Privilege Escalation Vulnerability in Intel(R) CSME, Intel® Server Platform Services, and Intel® Trusted Execution Engine Firmware

CVE-2018-12147 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.

Learn more about our Cis Benchmark Audit For Server Software.