返回 CVE 浏览器

CVE-2018-3643

HIGH

8.2

CVSS Severity Score

EPSS Score0.0030%

EPSS Percentile43.12th

Published2018年9月12日

Last Modified2024年11月21日

Vulnerability Description

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Affected Platforms (CPE)

💻

Intel

Converged Security Management Engine Firmware

< 12.0.6

💻

Intel

Server Platform Services Firmware

< 4.00.04

References & Advisories

🔗 https://security.netapp.com/advisory/ntap-20180924-0002/

🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us

🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html

🔗 https://security.netapp.com/advisory/ntap-20180924-0002/

🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us

🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html

相关漏洞威胁

CVE-2018-36288.8

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3....

CVE-2018-36326.7

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x ...

CVE-2018-36296.5

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...