CVE-2018-12208
https://notcve.org/view.php?id=CVE-2018-12208
Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access. Desbordamiento de búfer en el subsistema HECI de Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel (R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10; o Intel(R) Server Platform Services en versiones anteriores a la 5.00.04.012 podría permitir que un usuario no autenticado pueda ejecutar código arbitrario mediante acceso físico. • https://security.netapp.com/advisory/ntap-20190318-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-12198
https://notcve.org/view.php?id=CVE-2018-12198
Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access. Validación de entradas insuficiente en el subsistema de Intel(R) Server Platform Services HECI, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que usuarios privilegiados puedan provocar una denegación de servicio (DoS) mediante acceso local. • https://security.netapp.com/advisory/ntap-20190318-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-20: Improper Input Validation •
CVE-2018-12191
https://notcve.org/view.php?id=CVE-2018-12191
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access. La comprobación de límites en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en versiones anteriores a la 4.00.04.383 o SPS 4.01.02.174; o Intel(R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario no autenticado pueda ejecutar código arbitrario mediante acceso físico. • https://security.netapp.com/advisory/ntap-20190318-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •