Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-3643

UNKNOWN
Published 2018-09-12T19:00:00Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-3643. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Intel Corporation

Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware

Affected Versions:

CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-vh4v-fp85-ffwc

Advisory Details

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-3643
WEB https://security.netapp.com/advisory/ntap-20180924-0002
WEB https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us
WEB https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03873en_us
https://security.netapp.com/advisory/ntap-20180924-0002/
Published: 2018-09-12T19:00:00Z
Last Modified: 2024-09-16T23:56:06.333Z
Copied to clipboard!