Multiple vulnerabilities in Intel CSME, TXE and SPS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2020-12303 CVE-2020-8744 CVE-2020-8745 CVE-2020-12297 CVE-2020-8750 |
| CWE-ID | CWE-416 CWE-665 CWE-269 CWE-284 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Converged Security and Management Engine (CSME) Hardware solutions / Firmware Intel Trusted Execution Engine Firmware Hardware solutions / Firmware Intel Server Platform Services Firmware Web applications / Other software |
| Vendor | Intel |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU48682
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12303
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in DAL subsystem. A local user can escalate privileges on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsConverged Security and Management Engine (CSME): before 14.5.25
Intel Trusted Execution Engine Firmware: before 4.0.30
External linkshttp://security.netapp.com/advisory/ntap-20201113-0002/
http://security.netapp.com/advisory/ntap-20201113-0005/
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Initialization
EUVDB-ID: #VU48680
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8744
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper initialization in subsystem. A local administrator can run a specially crafted application to execute arbitrary code with escalated privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsConverged Security and Management Engine (CSME): before 14.5.25
Intel Trusted Execution Engine Firmware: before 4.0.30
Intel Server Platform Services Firmware: before E3_05.01.04.200
External linkshttp://security.netapp.com/advisory/ntap-20201113-0002/
http://security.netapp.com/advisory/ntap-20201113-0004/
http://security.netapp.com/advisory/ntap-20201113-0005/
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Privilege Management
EUVDB-ID: #VU48679
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8745
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to escalate privileges.
The vulnerability exists due to insufficient control flow management. An attacker with physical access can escalate privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsConverged Security and Management Engine (CSME): before 14.5.25
Intel Trusted Execution Engine Firmware: before 4.0.30
External linkshttp://security.netapp.com/advisory/ntap-20201113-0002/
http://security.netapp.com/advisory/ntap-20201113-0005/
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU48676
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12297
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in Installer. A local user can bypass implemented security restrictions and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsConverged Security and Management Engine (CSME): before 14.5.25
Intel Trusted Execution Engine Firmware: before 4.0.30
External linkshttp://security.netapp.com/advisory/ntap-20201113-0002/
http://security.netapp.com/advisory/ntap-20201113-0005/
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU48677
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8750
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in Kernel Mode Driver. A local user can escalate privileges on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Trusted Execution Engine Firmware: before 4.0.30
External linkshttp://security.netapp.com/advisory/ntap-20201113-0005/
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
