CVE-2018-12169

7.6HIGH

Key Information:

Vendor
Intel
Status
Core I3
Vendor
CVE Published:
21 September 2018

Summary

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.

References

http://www.securityfocus.com/bid/105387
vdb-entryx_refsource_BID
https://support.lenovo.com/us/en/solutions/LEN-20527
x_refsource_CONFIRM
https://edk2-docs.gitbooks.io/security-advisory/content/u...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.