CVE-2018-3627

8.2HIGH

Key Information:

Vendor
Intel
Status
Intel Converged Security Management Engine (intel Csme)
Vendor
CVE Published:
10 July 2018

Summary

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

Affected Version(s)

Intel Converged Security Management Engine (Intel CSME) 11.x

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190327-0006/
x_refsource_CONFIRM

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.