Back to CVE Browser

CVE-2018-3655

HIGH

7.3

CVSS Severity Score

EPSS Score0.0060%

EPSS Percentile19.97th

PublishedSep 12, 2018

Last ModifiedNov 21, 2024

Vulnerability Description

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.

Affected Platforms (CPE)

💻

Intel

Converged Security Management Engine Firmware

>= 11.0 and <= 11.8.50

💻

Intel

Converged Security Management Engine Firmware

>= 11.10 and <= 11.11.50

💻

Intel

Converged Security Management Engine Firmware

>= 11.20 and <= 11.21.51

💻

Intel

Server Platform Services Firmware

< 4.0

💻

Intel

Trusted Execution Engine Firmware

>= 3.0 and <= 3.1.50

References & Advisories

🔗 https://security.netapp.com/advisory/ntap-20180924-0003/

🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us

🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html

🔗 https://security.netapp.com/advisory/ntap-20180924-0003/

🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us

🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html

Related Vulnerabilities

CVE-2018-36288.8

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3....

CVE-2018-36438.2

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engin...

CVE-2018-36326.7

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x ...

CVE-2018-36296.5

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3...