CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-3655

HIGH
7.3
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile19.97th
Published2018年9月12日
Last Modified2024年11月21日

Vulnerability Description

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.

Affected Platforms (CPE)

💻
Intel

Converged Security Management Engine Firmware

>= 11.0 and <= 11.8.50
💻
Intel

Converged Security Management Engine Firmware

>= 11.10 and <= 11.11.50
💻
Intel

Converged Security Management Engine Firmware

>= 11.20 and <= 11.21.51
💻
Intel

Server Platform Services Firmware

< 4.0
💻
Intel

Trusted Execution Engine Firmware

>= 3.0 and <= 3.1.50

References & Advisories

🔗 https://security.netapp.com/advisory/ntap-20180924-0003/
🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us
🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html
🔗 https://security.netapp.com/advisory/ntap-20180924-0003/
🔗 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us
🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html

相關漏洞威脅

CVE-2018-36288.8

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3....

CVE-2018-36438.2

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engin...

CVE-2018-36326.7

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x ...

CVE-2018-36296.5

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3...