Arbitrary Code Execution Vulnerability in Intel CSME, Intel Server Platform Services, and Intel TXE

Arbitrary Code Execution Vulnerability in Intel CSME, Intel Server Platform Services, and Intel TXE

CVE-2018-12191 · HIGH Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

Learn more about our Cis Benchmark Audit For Server Software.