CVE-2019-0152
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
14/11/2019
Last modified:
07/11/2023
Description
Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Impact
Base Score 3.x
6.70
Severity 3.x
MEDIUM
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf
- https://support.f5.com/csp/article/K34425791?utm_source=f5support&%3Butm_medium=RSS
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03971en_us
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html