Security advisories

Intel Firmware Vulnerabilities

February 26, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

The Intel Corporation has identified eight separate vulnerabilities in its Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE). These vulnerabilities have the potential to affect any devices that make use of Intel’s affected processors, including PCs, servers and IoT platforms. Successful exploitation of these vulnerabilities may allow for elevation of privileges, remote admin access, unauthorized code execution or it may cause systems to crash or become unstable.

What you should do about it

Additional information

These vulnerabilities are not currently being exploited in the wild. Any successful attack that exploits these vulnerabilities would require an advanced skill level.

For a full list of CVEs and additional technical details, please see below [2]:

Affected Products:

  • 6th, 7th & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel® Atom® C3000 Processor Family
  • Apollo Lake Intel® Atom Processor E3900 series
  • Apollo Lake Intel® Pentium™
  • Celeron™ N and J series Processors

Affected Version

  • ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20
  • SPS Firmware version 4.0
  • TXE version 3.0

Additional Sources

[1]https://downloadcenter.intel.com/download/27150

[2]https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

View Most Recent Advisories