CVE-2019-0086
Summary
| CVE | CVE-2019-0086 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-05-17 16:29:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. |
Risk And Classification
Problem Types: CWE-59 | CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Application | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Operating System | Intel | Trusted Execution Engine Firmware | All | All | All | All |
| Operating System | Intel | Trusted Execution Engine Firmware | All | All | All | All |
| Operating System | Intel | Trusted Execution Engine Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| INTEL-SA-00213 | MISC | www.intel.com | Vendor Advisory |
| support.f5.com/csp/article/K35815741 | CONFIRM | support.f5.com | |
| Danish Cyber Defence | MISC | danishcyberdefence.dk | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.