erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,894
Bogus response from Intel.
"Intel has warned of a critical vulnerability in the CSME security engine and has urged users to apply a fix, now available, as quickly as possible.
The Intel Converged Security and Management Engine (CSME) is a chipset subsystem that powers Intel's Active Management technologies.
According to a security advisory published on Tuesday, CSME is subject to a firmware vulnerability, found internally by Intel's security team, which if exploited allows local threat actors to launch escalation of privilege, denial of service, and information disclosure attacks.
Tracked as CVE-2019-14598, the vulnerability has been awarded a CVSS base score of 8.2, which deems the issue critical -- the highest severity rating."
https://www.zdnet.com/article/intel-warns-of-critical-security-flaw-in-csme-engine/
"Intel has warned of a critical vulnerability in the CSME security engine and has urged users to apply a fix, now available, as quickly as possible.
The Intel Converged Security and Management Engine (CSME) is a chipset subsystem that powers Intel's Active Management technologies.
According to a security advisory published on Tuesday, CSME is subject to a firmware vulnerability, found internally by Intel's security team, which if exploited allows local threat actors to launch escalation of privilege, denial of service, and information disclosure attacks.
Tracked as CVE-2019-14598, the vulnerability has been awarded a CVSS base score of 8.2, which deems the issue critical -- the highest severity rating."
https://www.zdnet.com/article/intel-warns-of-critical-security-flaw-in-csme-engine/