Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageability engine firmware vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-36392
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability prior to 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network acc...
Intel Converged Security Management Engine Firmware
6.5
CVSSv3
CVE-2022-26047
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.
Intel Proset/wireless Wifi
Intel Killer Wifi Software
Intel Uefi Wifi Driver
Intel Killer Wi-fi 6 Ax1650 Firmware -
Intel Killer Wi-fi 6e Ax1675 Firmware -
Intel Killer Wi-fi 6e Ax1690 Firmware -
Intel Wi-fi 6 Ax200 Firmware -
Intel Wi-fi 6 Ax201 Firmware -
Intel Wi-fi 6 Ax210 Firmware -
Intel Wi-fi 6 Ax211 Firmware -
Intel Wi-fi 6 Ax411 Firmware -
Intel Converged Security And Manageability Engine
Intel Core I3-12100 Firmware -
Intel Core I3-12100f Firmware -
Intel Core I3-12100t Firmware -
Intel Core I3-1210u Firmware -
Intel Core I3-1215u Firmware -
Intel Core I3-1220p Firmware -
Intel Core I3-12300 Firmware -
Intel Core I3-12300t Firmware -
Intel Core I5-1230u Firmware -
Intel Core I5-1235u Firmware -
4.4
CVSSv3
CVE-2020-24506
Out of bound read in a subsystem in the Intel(R) CSME versions prior to 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.
Intel Converged Security And Manageability Engine
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
4.4
CVSSv3
CVE-2020-24507
Improper initialization in a subsystem in the Intel(R) CSME versions prior to 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
Intel Converged Security And Manageability Engine
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc477e Pro Firmware
Siemens Simatic Ipc527g Firmware
Siemens Simatic Ipc547g Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
Siemens Simatic Field Pg M5 Firmware
6.7
CVSSv3
CVE-2020-8703
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions prior to 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Converged Security And Manageability Engine
Netapp Cloud Backup -
Siemens Simatic Field Pg M6 Firmware
Siemens Simatic Field Pg M5 Firmware
Siemens Simatic Ipc427e Firmware
Siemens Simatic Ipc477e Firmware
Siemens Simatic Ipc477e Pro Firmware
Siemens Simatic Ipc527g Firmware
Siemens Simatic Ipc547g Firmware
Siemens Simatic Ipc627e Firmware
Siemens Simatic Ipc647e Firmware
Siemens Simatic Ipc677e Firmware
Siemens Simatic Ipc847e Firmware
Siemens Simatic Itp1000 Firmware
5.9
CVSSv3
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Api Gateway 11.1.2.4.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Mysql
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Oracle Essbase 21.2
5 Github repositories
1 Article
7.8
CVSSv3
CVE-2020-12297
Improper access control in Installer for Intel(R) CSME Driver for Windows versions prior to 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via lo...
Intel Converged Security And Manageability Engine
Intel Trusted Execution Technology 3.1.80
Intel Trusted Execution Technology 4.0.30
7.8
CVSSv3
CVE-2020-12303
Use after free in DAL subsystem for Intel(R) CSME versions prior to 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.
Intel Converged Security And Manageability Engine
Intel Trusted Execution Technology 3.1.80
Intel Trusted Execution Technology 4.0.30
7.8
CVSSv3
CVE-2020-12304
Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access.
Intel Dynamic Application Loader Software Developement Kit
7.8
CVSSv3
CVE-2020-12354
Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions prior to 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Active Management Technology Software Development Kit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »