CVE-2018-12196
https://notcve.org/view.php?id=CVE-2018-12196
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access. Validación de entradas insuficiente en Intel(R) AMT en Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20, podría permitir que un usuario privilegiado pueda ejecutar código arbitrario mediante acceso local. • https://security.netapp.com/advisory/ntap-20190318-0001 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-20: Improper Input Validation •
CVE-2018-12188
https://notcve.org/view.php?id=CVE-2018-12188
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access. Validación de entradas incorrecta en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel TXE, en versiones anteriores a la 3.1.60 o 4.0.10, podría permitir que un usuario no autenticado pueda modificar datos mediante acceso físico. • https://security.netapp.com/advisory/ntap-20190318-0001 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-20: Improper Input Validation •
CVE-2018-12190
https://notcve.org/view.php?id=CVE-2018-12190
Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access. Una validación de entrada insuficiente en el subsistema Intel(r) CSME en las versiones anteriores a la 11.8.60, 11.11.60, 11.22.60 o 12.0.20 o Intel(r) TXE en las versiones anteriores a la 3.1.60 o 4.0.10 puede permitir a un usuario con privilegios una escalada de privilegios a través del acceso local. • https://security.netapp.com/advisory/ntap-20190318-0001 https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html • CWE-20: Improper Input Validation •
CVE-2018-3657
https://notcve.org/view.php?id=CVE-2018-3657
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. Múltiples desbordamientos de búfer en Intel AMT en el firmware Intel CSME en versiones anteriores a la 12.0.5 podrían permitir que un usuario privilegiado ejecute código arbitrario con privilegios de ejecución AMT mediante acceso local. • http://www.securityfocus.com/bid/106996 https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 https://security.netapp.com/advisory/ntap-20180924-0003 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-3616
https://notcve.org/view.php?id=CVE-2018-3616
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. Vulnerabilidad de canal lateral estilo Bleichenbacher en la implementación TLS en Intel Active Management Technology en versiones anteriores a la 12.0.5 podría permitir que un usuario sin autenticar obtenga la clave de sesión TLS por red. • http://www.securityfocus.com/bid/106996 https://cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf https://ics-cert.us-cert.gov/advisories/ICSA-19-043-05 https://security.netapp.com/advisory/ntap-20180924-0003 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html •