Firmware Update Software Vulnerability in Intel(R) CSME: Potential Privilege Escalation via Local Access

Firmware Update Software Vulnerability in Intel(R) CSME: Potential Privilege Escalation via Local Access

CVE-2019-11103 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

Learn more about our User Device Pen Test.