CVE-2018-3659

Published: Sep 12, 2018Modified: Nov 21, 2024

6.8

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

A vulnerability in Intel PTT module in Intel CSME firmware before version 12.0.5 and Intel TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.

Affected (2)

Products: Intel: Converged Security Management Engine Firmware, Trusted Execution Engine Firmware

Intel

2 products

Converged Security Management Engine Firmware

Trusted Execution Engine Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Intel Converged Security Management Engine Firmware	Before 12.0.5

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Intel Trusted Execution Engine Firmware	Before 4.0

References (4)

https://security.netapp.com/advisory/ntap-20180924-0003/

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html

Source: secure@intel.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20180924-0003/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00142.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.