CVE-2018-3658
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD
Description
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
Affected (14)
Products: Siemens: Simatic Field Pg M5 Firmware, Simatic Ipc427e Firmware, Simatic Ipc477e Firmware, Simatic Ipc547e Firmware, Simatic Pc547g Firmware, Simatic Ipc627d Firmware, Simatic Ipc647d Firmware, Simatic Ipc677d Firmware, Simatic Ipc827d Firmware, Simatic Ipc847d Firmware, Simatic Itp1000 Firmware · Intel: Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 22.01.06 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Field Pg M5 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 21.01.09 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc427e | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 21.01.09 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc477e | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before r1.30.0 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Pc547e | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before r1.23.0 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc547g | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 19.02.11 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc627d | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 19.01.14 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc647d | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 19.02.11 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc677d | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 19.02.11 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc827d | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 19.01.14 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Ipc847d | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 23.01.04 |
| Running on/with | Platform Versions |
|---|---|
Siemens Simatic Itp1000 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 12.0.5 | |
| From 11.0.0 to 12.0.5 | |
| From 9.0.0.0 to 11.0 |
References (12)
Source: secure@intel.com
PatchThird Party Advisory
Source: secure@intel.com
Third Party AdvisoryUS Government Resource
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Third Party Advisory
Source: secure@intel.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.