Logic Bug in Intel Converged Security Management Engine Leading to Code Execution
CVE-2018-3627

8.2HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
10 July 2018

Summary

A logic bug exists in Intel's Converged Security Management Engine 11.x that may enable an adversary with local privileged access to execute arbitrary code. This vulnerability can pose significant risks to system integrity and confidentiality, highlighting the importance of ensuring that systems are adequately secured and regularly updated.

Affected Version(s)

Intel Converged Security Management Engine (Intel CSME) 11.x

References

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.