Intel Monthly February Security Update, February 2020
Security Advisories That Affect BIOS:
- Intel-SA-00307 – Escalation of Privilege, Denial of Service, Information Disclosure
- Summary: A potential security vulnerability in CSME subsystem may allow escalation of privilege, denial of service, and information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.
- Severity: HIGH
- CVEID: CVE-2019-14598
Description: Improper Authentication in subsystem in Intel® CSME versions before 12.0.49, 12.0.55, 13.0.21, 14.0.11 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
CVSS Base Score: 8.2 High
Security Advisories that don’t affect BIOS:
- INTEL-SA-00273 - Intel® Renesas Electronics® USB 3.0 Driver Advisory
- INTEL-SA-00336 - Intel® SGX SDK Advisory
- INTEL-SA-00339 - Intel® RAID Web Console 2 (RWC2)
- INTEL-TA-00340 - Intel® Manycore Platform Software Stack (MPSS)
- INTEL-SA-00341 - Intel® RAID Web Console 3 (RWC3)