{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T23:07:24.344","vulnerabilities":[{"cve":{"id":"CVE-2019-0090","sourceIdentifier":"secure@intel.com","published":"2019-05-17T16:29:00.937","lastModified":"2026-06-17T02:07:40.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."},{"lang":"es","value":"Una vulnerabilidad de control de acceso insuficiente en el subsistema para Intel(R) CSME en versiones anteriores a la 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS en versiones anteriores a la SPS_E3_05.00.04.027.0 puede permitir que un usuario no autenticado habilite potencialmente un aumento de privilegios por medio de un acceso fĂ­sico."}],"affected":[{"source":"secure@intel.com","affectedData":[{"vendor":"n/a","product":"Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)","versions":[{"version":"CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"PHYSICAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intel:converged_security_and_management_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.35","matchCriteriaId":"1219056B-D42B-4D3A-9BBB-0EC6856D3E79"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intel:server_platform_services:*:*:*:*:*:*:*:*","versionEndExcluding":"sps_e3_05.00.04.027.0","matchCriteriaId":"E4B4F480-DD79-4A66-9231-FDBE8342CAEA"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K59145983","source":"secure@intel.com","tags":["Third Party Advisory"]},{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html","source":"secure@intel.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K59145983","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}],"vendorComments":[{"organization":"Intel","comment":"After an attacker gains access, they would need to invest additional effort in preparation or execution of the vulnerable component in order to use this vulnerability.","lastModified":"2019-11-08T12:21:48.120"}]}}]}