← Back

CVE-2018-3655

nvd nist
Published: Sep 12, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.3
Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Exploitability: 0.9 / Impact: 5.8
Source: NVD

Description

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.

Affected (5)

Intel
3 products
Converged Security Management Engine Firmware
Server Platform Services Firmware
Trusted Execution Engine Firmware
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Intel
Converged Security Management Engine Firmware
From 11.0 to 11.8.50
Converged Security Management Engine Firmware
From 11.10 to 11.11.50
Converged Security Management Engine Firmware
From 11.20 to 11.21.51
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Server Platform Services Firmware
Before 4.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Trusted Execution Engine Firmware
From 3.0 to 3.1.50

References (6)

Source: secure@intel.com
Source: secure@intel.com
PatchThird Party Advisory
Source: secure@intel.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.