CVE-2019-0093

Summary

Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0.affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References