Multiple vulnerabilities in Intel CSME, TXE and SPS



Published: 2020-11-26
Risk: Low
Patch available: YES
Number of vulnerabilities: 5
CVE ID: CVE-2020-12303, CVE-2020-8744, CVE-2020-8745, CVE-2020-12297, CVE-2020-8750
CWE ID: CWE-416, CWE-665, CWE-269, CWE-284
Exploitation vector: Local
Public exploit: N/A
Vulnerable software
Converged Security and Management Engine (CSME)
Hardware solutions / Firmware

Intel Trusted Execution Engine Firmware
Hardware solutions / Firmware

Intel Server Platform Services Firmware
Web applications / Other software

Vendor: Intel

Security Advisory

1) Use-after-free

Risk: Low

CVSSv3: 6.1 [CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-12303

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error in the DAL subsystem. A local user can escalate privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Converged Security and Management Engine (CSME): before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45, 14.5.25

Intel Trusted Execution Engine Firmware: before 3.1.80, 4.0.30

External links

https://security.netapp.com/advisory/ntap-20201113-0002/
https://security.netapp.com/advisory/ntap-20201113-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Initialization

Risk: Low

CVSSv3: 6.3 [CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-8744

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper initialization in a subsystem. A local administrator can run a specially crafted application to execute arbitrary code with escalated privileges on the system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Converged Security and Management Engine (CSME): before 12.0.70, 13.0.40, 13.30.10, 14.0.45, 14.5.25

Intel Trusted Execution Engine Firmware: before 4.0.30

Intel Server Platform Services Firmware: before E3_05.01.04.200

External links

https://security.netapp.com/advisory/ntap-20201113-0002/
https://security.netapp.com/advisory/ntap-20201113-0004/
https://security.netapp.com/advisory/ntap-20201113-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Privilege Management

Risk: Low

CVSSv3: 6.4 [CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-8745

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges.

The vulnerability exists due to insufficient control flow management. An attacker with physical access can escalate privileges.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Converged Security and Management Engine (CSME): before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45, 14.5.25

Intel Trusted Execution Engine Firmware: before 3.1.80, 4.0.30

External links

https://security.netapp.com/advisory/ntap-20201113-0002/
https://security.netapp.com/advisory/ntap-20201113-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system to successfully exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

Risk: Low

CVSSv3: 7.1 [CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-12297

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the Installer. A local user can bypass implemented security restrictions and gain elevated privileges on the target system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Converged Security and Management Engine (CSME): before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45, 14.5.25

Intel Trusted Execution Engine Firmware: before 3.1.80, 4.0.30

External links

https://security.netapp.com/advisory/ntap-20201113-0002/
https://security.netapp.com/advisory/ntap-20201113-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

Risk: Low

CVSSv3: 6.1 [CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-8750

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error in the Kernel Mode Driver. A local user can escalate privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Intel Trusted Execution Engine Firmware: before 3.1.80, 4.0.30

External links

https://security.netapp.com/advisory/ntap-20201113-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


