Intel® June 2020 Security Vulnerability Update (INTEL-SA-00295, INTEL-SA-00320, INTEL-SA-00322, INTEL-SA-00329)

Reference:

Security vulnerabilities (INTEL-SA-00295, INTEL-SA-00320, INTEL-SA-00322, INTEL-SA-00329)
Intel® Corporation (hereinafter Intel®) has reported that there is a vulnerability in "Intel® Management Engine Firmware". Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Please refer to the following solutions and take the appropriate action.

Vulnerability Summary:

Heap overflow in subsystem in Intel® CSME before versions 11.8.77, 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Details about the vulnerability:

For details, please see the following web pages.

CVE-2020-0594
CVE-2020-0595
CVE-2020-0543
CVE-2020-0528
CVE-2020-0529
CVE-2020-0548
CVE-2020-0549

Remediation:

Updates may consist of BIOS and/or Intel® Drivers.

Affected Products:

Please check the model list for applicable updates.

page top