cancel
Showing results for 
Search instead for 
Did you mean: 

Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory

raju2529
Level 7
Multiple potential security vulnerabilities in Intel® Converged Security & Management Engine (Intel® CSME), Intel® Server Platform Services (Intel® SPS), Intel® Trusted Execution Engine Interface (Intel® TXE), Intel® Dynamic Application Loader (Intel® DAL), and Intel® Active Management Technology (Intel® AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Intel is releasing Intel® CSME, Intel® SPS, Intel® TXE, and Intel® AMT updates to mitigate these potential vulnerabilities.

Vulnerability Details:
CVEID: CVE-2019-0089
Description: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.


CVEID: CVE-2019-0090
Description: Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access.


CVEID: CVE-2019-0086
Description: Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.







CVEID: CVE-2019-0091
Description: Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.


CVEID: CVE-2019-0092
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


CVEID: CVE-2019-0093
Description: Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.


CVEID: CVE-2019-0094
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

CVEID: CVE-2019-0096
Description: Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.

CVEID: CVE-2019-0097
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.


CVEID: CVE-2019-0098
Description: Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


CVEID: CVE-2019-0099
Description: Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.


CVEID: CVE-2019-0153
Description: Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.


CVEID: CVE-2019-0170
Description: Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.


Intel® CSME, Intel® Active Management Technology, and Intel® DAL
Please update intel management firmware version with respective intel core processors
Updated Intel® CSME Firmware Version
11.8.65.xxxx
11.11.65.xxxx
11.22.65.xxxx
12.0.35.xxxx

Intel® Server Platform Services before versions
Please update Intel® Server Platform Services Firmware Version
SPS_E3_05.00.04.027.0.


Intel® Trusted Execution Engine
Please update Intel® Trusted Execution Engine
Updated Intel® Trusted Execution Engine Firmware Version

3.1.65.xxxx
4.0.15.xxxx

for more information visit intel security website
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html


download intel management firmware from win-riad official website
https://www.win-raid.com/t596f39-Intel-Management-Engine-Drivers-Firmware-amp-System-Tools.html
Intel i5 7200U_ Nvidia 940MX _Windows_11_Enterprise_64bit_22H2_buildno_22621.754
6,276 Views
1 REPLY 1

raju2529
Level 7
On 10-06-2019 , i installed latest Bios frmware X542UQ.309 to laptop which contains latest intel cpu microcode B4 . and almosyt many security flaws are fixed

.80682
Intel i5 7200U_ Nvidia 940MX _Windows_11_Enterprise_64bit_22H2_buildno_22621.754