CVE-2020-12297

HIGH

Intel CSME Driver <11.8.80-14.5.25 - Privilege Escalation

Title source: llm

Description

Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_misc

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20201113-0005/

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20201113-0002/

Scores

CVSS v3 7.8

EPSS 0.0008

EPSS Percentile 24.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (3)

intel/converged_security_and_manageability_engine < 11.8.80

intel/trusted_execution_technology 3.1.80

intel/trusted_execution_technology 4.0.30

Published Nov 12, 2020

Tracked Since Feb 18, 2026