CVE-2020-0534
Summary
| CVE | CVE-2020-0534 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-06-15 14:15:00 UTC |
| Updated | 2020-07-22 14:15:00 UTC |
| Description | Improper input validation in the DAL subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an unauthenticated user to potentially enable denial of service via network access. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Operating System | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Operating System | Intel | Converged Security Management Engine Firmware | 14.5.11 | All | All | All |
| Operating System | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Operating System | Intel | Converged Security Management Engine Firmware | All | All | All | All |
| Operating System | Intel | Converged Security Management Engine Firmware | 14.5.11 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| INTEL-SA-00295 | MISC | www.intel.com | Vendor Advisory |
| Intel SA-00295 CSME Vulnerabilities in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| Intel CSME, SPS, TXE, AMT and DAL Advisory - Lenovo Support DE | MISC | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.