Dell OptiPlex 7450 AIO - China HDD Protection

Updating the system firmware improves performance.

Atom Feed

Version 1.30.0
2024-01-29 08:12:51

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.29.0
2023-12-15 06:23:26

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.28.0
2023-11-13 01:13:57

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.27.0
2023-08-08 02:56:45

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.26.0
2023-05-11 07:15:45

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.25.0
2023-02-06 07:01:03

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.24.0
2022-12-22 03:12:28

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
  • CVE-2022-34463
  • CVE-2017-5715

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • CVE-2022-40262

    A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213451425098faebd45948a4642db969b19d0253fc Module GUID: 89E549B0-7CFE-449D-9BA3-10D8B2312D71

  • CVE-2022-33159
  • CVE-2022-27497

    Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2022-29893

    Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access.

  • CVE-2022-26845

    Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2022-34398
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.23.0
2022-10-12 02:08:53

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.22.0
2022-08-10 02:31:52

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.21.0
2022-05-12 08:48:13

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
  • CVE-2021-28211

    A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.

  • CVE-2021-28210

    An unlimited recursion in DxeCore in EDK II.

  • CVE-2022-21151

    Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21181

    Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2022-0005

    Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.

  • CVE-2022-0004

    Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2022-21166

    Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21127

    Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2022-21125

    Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2019-14584

    Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2022-21123

    Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.20.0
2022-04-28 06:16:58

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
  • CVE-2021-33107

    Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.

  • CVE-2021-0165

    Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2021-0164

    Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

  • CVE-2021-0161

    Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2021-0127

    Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.

  • CVE-2021-0156

    Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0125

    Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

  • CVE-2021-0124

    Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

  • CVE-2021-0119

    Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

  • CVE-2021-0118

    Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0117

    Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0116

    Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0115

    Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2021-0114

    Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0111

    NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2021-0107

    Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.19.0
2021-12-15 08:12:47

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
  • CVE-2021-0157

    Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.18.0
2021-09-17 02:53:08

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.17.4
2021-06-29 02:31:36

Dell Technologies highly recommends applying this important update as soon as possible.The update contains critical bug fixes and changes to improve functionality, reliability, and stability of your Dell system.It may include security fixes and other feature enhancements.

Urgency critical
Fixed issues:
  • CVE-2020-8703

    Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-24512

    Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-24507

    Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.16.2
2021-05-06 08:16:26

Dell highly recommends applying this update as soon as possible.The update contains changes to improve the reliability and availability of your Dell system.

Urgency high
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.16.1
2021-01-29 10:09:25

Dell security update.

Urgency critical
Fixed issues:
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 1.15.1
2020-09-22 08:05:37

This stable release fixes the following issues:

  • Fixed an issue with the hard drive master password reset not functioning.
  • Fixed the issue where the operating system prompts for BitLocker Recovery key while booting.
  • Fixed a BIOS Setup configuration issue that occurs after clearing the CMOS.

Urgency critical
Fixed issues:
  • CVE-2020-5362

    Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to restore BIOS Setup configuration to default values.

  • CVE-2020-0549

    Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0548

    Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0543

    Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0529

    Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.

  • CVE-2020-0528

    Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

  • CVE-2020-8674

    Out-of-bounds Read (CWE-125) in DHCP component. A local network attacker can send a malicious Layer-2 DHCP packet that could lead to an unintended exposure of sensitive information on the target device. This is Intel's version of CVE-2020-11905

  • CVE-2020-0596

    Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0595

    Double Free (CWE-415) in IPv4 tunneling component when handling a packet. An unauthorized network attacker can use malicious packets that could lead to unexpected behavior of memory access that can be used to write or read values in arbitrary memory spaces. This is Intel's version of CVE-2020-11900

  • CVE-2020-0594

    Improper Input Validation (CWE-20) in IPv6 component when handling a packet sent by an unauthorized network attacker. An unauthorized network attacker can send a malicious request that can lead to out of bounds read on the target device. Intel obtained this CVE for CVE-2020-11899 , specific to their environment.

  • CVE-2020-0545

    Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPS_E5_04.01.04.380.0, SPS_SoC-X_04.00.04.128.0, SPS_SoC-A_04.00.04.211.0, SPS_E3_04.01.04.109.0, SPS_E3_04.08.04.070.0 may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2020-0540

    Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0539

    Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially enable denial of service via local access.

  • CVE-2020-0538

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2020-0537

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access.

  • CVE-2020-0536

    Improper input validation in the DAL subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32,14.0.33 and Intel(R) TXE versions before 3.1.75 and 4.0.25 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • CVE-2020-0533

    Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

  • CVE-2020-0532

    Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.

  • CVE-2020-0535

    Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.

  • VU#257161

    Treck Inc.designs and distributes software for real-time operating systems (RTOS) customers worldwide. Treck's sofware provide essential TCP/IP networking capability to these devices. Security researchers from JSOF have discovered a number of vulnerabilities that can have an impact on devices that have adopted Treck's embedded software to cause unexpected behavior and possibly further exploit these devices for nefarious purposes.

  • CVE-2020-0531

    Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access.

  • CVE-2020-8758

    Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.13.1
2019-07-04 02:28:09

This stable release fixes the following issues:

  • Firmware updates to address security advisory INTEL-SA-00213
  • Firmware updates to address security advisories INTEL-SA-00233
  • Removed the pre-boot Intel RST Manager Optimized Defaults option.
  • Fixed the issue where the mSATA hard drive password cannot be set with Dell Command Configure tool.
  • Fixed the issue where applications do not work when SMM Security Mitigation is enabled in BIOS setup menu.

Urgency critical
Fixed issues:
  • CVE-2019-11091

    Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12130

    Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12127

    Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2018-12126

    Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

  • CVE-2019-0170

    Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0153

    Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

  • CVE-2019-0091

    Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0098

    Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2019-0097

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.

  • CVE-2019-0096

    Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.

  • CVE-2019-0094

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.

  • CVE-2019-0093

    Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2019-0092

    Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2019-0086

    Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.

  • CVE-2019-0090

    Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.12.1
2019-04-01 07:29:27

Fixes and Enhancements:

  • Fixed an issue with Secure Boot Option ROM Signature Verification.
  • Firmware updates to address security advisories INTEL-SA-00185 and INTEL-SA-00191

Urgency critical
Fixed issues:
  • CVE-2018-12203

    Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12202

    Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor may allow privileged user to potentially leverage existing features via local access.

  • CVE-2018-12201

    Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12185

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12196

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.

  • CVE-2018-12187

    Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.

  • CVE-2018-12200

    Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.

  • CVE-2018-12198

    Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.

  • CVE-2018-12199

    Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.

  • CVE-2018-12192

    Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.

  • CVE-2018-12191

    Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.

  • CVE-2018-12190

    Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.

  • CVE-2018-12188

    Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.11.4
2018-11-21 09:16:17

Major fixes:

  • Includes the Data Wipe feature in BIOS that enables removing data from storage.
  • Fixed a potential issue where the Auto-On feature does not work properly if system is powered down from F12 boot menu.Auto on feature is a BIOS feature that can wake the system up from a preset wake-up time.
  • Fixed the TPM startup error under TPM enabled condition when the system resumes from sleep mode.
  • Fixed a potential issue with binary image measurement using the Linux UEFI shim boot loader.
  • Fixed a potential issue where the system stops responding when an incorrectly formatted password is entered at the BIOS security Manager (BIOS preboot password) prompt.
  • Updated Intel ME Firmware to address security advisories INTEL-SA-00112, INTEL-SA-00118, INTEL-SA-00125, Intel-SA-00131 & INTEL-SA-00141
  • Updated CPU microcode to address security advisory Intel Security Advisory INTEL-SA-00115.

Enhancements:

  • Enhanced BIOS Auto Recovery Feature.
  • Enabled Windows Security Mitigation Table (WSMT) security enhancements for Win10 Creators Update.

Urgency high
Fixed issues:
  • CVE-2018-3640

    Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

  • CVE-2018-3639

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

  • CVE-2018-3616

    Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.

  • CVE-2018-3658

    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

  • CVE-2018-3657

    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

  • CVE-2018-3643

    A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

  • CVE-2018-3655

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.

  • CVE-2018-3627

    Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

  • CVE-2018-3628

    Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.

  • VU#180049

    CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

  • CVE-2018-3644
  • CVE-2018-3632

    Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system.

  • CVE-2018-3629

    Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.11.3 — not be suitable for production systems
2018-09-18 02:27:14

Fixes: - N/A.Enhancements: - Enhanced BIOS Auto Recovery Feature.

Urgency medium
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.11.2
2018-09-03 23:55:54

This stable release fixes the following issues:

  • Fixed a potential issue with binary image measurement using the Linux UEFI shim boot loader.
  • Fixed a potential system hang issue when an incorrectly formatted password is entered at the BIOS security Manager (BIOS pre-boot password) prompt.
  • Updated Intel ME Firmware to address security advisories INTEL-SA-00125, Intel-SA-00131 & INTEL-SA-00141

Urgency critical
Fixed issues:
  • CVE-2018-3658

    Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

  • CVE-2018-3657

    Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

  • CVE-2018-3643

    A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

  • CVE-2018-36
  • CVE-2018-3644
  • CVE-2018-3655

    A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.10.2
2018-06-14 08:30:53

Urgency unknown
Licenses
Security
Release Gating
Download Archive Firmware Details Compare with previous

Version 1.5.2
2017-08-02 07:59:46

Urgency None
Licenses
Security
Release Gating
Download Archive Firmware Details

LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter