Intel® Converged Security Management Engine (Intel® CSME) Security Advisory: SA-00307

Documentation

Product Information & Documentation

000056085

04/02/2020

On February 11, 2020, Intel released information for security advisory Intel-SA-00307. This information was released as part of Intel's regular product update process.

The security advisory discloses that a potential security vulnerability in an Intel® Converged Security Management Engine (Intel® CSME) subsystem may allow:

  • Escalation of privilege
  • Denial of service
  • Information disclosure

Intel is releasing firmware updates to mitigate this potential vulnerability.

Refer to the public security advisory SA-00307 for complete details on the Common Vulnerabilities and Exposures (CVEs) and Common Vulnerability Scoring System (CVSS) scores.

Affected products

This potential vulnerability impacts Intel® CSME versions before 12.0.49 (IoT only: 12.0.56), 13.0.21, 14.0.11.

Recommendations

Contact your system or motherboard manufacturer to obtain a firmware or BIOS update that addresses this vulnerability. Intel can't provide updates for systems or motherboards from other manufacturers.

Frequently Asked Questions

Click or the topic for details:

What are the Vulnerability Descriptions, Common Vulnerabilities and Exposures (CVE) Numbers, and Common Vulnerability Scoring System (CVSS) information for the identified vulnerabilities associated with Intel® Manageability Engine?See the Intel-SA-00307 Security Advisory for full information on the CVEs associated with this announcement.
How can I determine if I'm impacted by this vulnerability?Reboot your system and access the system BIOS. Intel® Management Engine (Intel® ME)/Intel® CSME firmware information may be available in the BIOS information screens. If the information isn't available in the system BIOS, contact your system manufacturer for assistance.
I have a system or motherboard manufactured by Intel (Intel® NUC, Intel® Mini PC, Intel® Server, Intel® Desktop Board) that is showing as vulnerable. What do I do?Go to Intel Support and navigate to the support page for your product. You'll be able to check for BIOS or firmware updates for your system.
I built my computer from components, but I don't have a system manufacturer to contact. What do I do?Contact the manufacturer of the motherboard you purchased to build your system. They're responsible for distributing the correct BIOS or firmware update for the motherboard.

If you have additional questions on this issue, contact Intel Customer Support.