Buffer Overflow in Intel Active Management Technology Affects Multiple Firmware Versions
CVE-2018-3629

6.5MEDIUM

Key Information:

Vendor

Intel
Status
Intel Active Management Technology
Vendor
CVE Published:
10 July 2018

What is CVE-2018-3629?

A buffer overflow vulnerability exists in the event handler of Intel Active Management Technology across multiple firmware versions, ranging from 3.x to 11.x. This flaw may allow an attacker within the same subnet to exploit the vulnerability, potentially leading to a denial of service. It highlights the need for organizations to ensure firmware is kept up-to-date and to implement network security measures to mitigate risks from potential attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Intel Active Management Technology 3.x,4.x,5.x,6.x,7.x,8.x,9.x,10.x,11.x

References

http://www.securitytracker.com/id/1041362
vdb-entryx_refsource_SECTRACK
https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.