QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-3643

Back to search

CVE-2018-3643

Published: Sep 12, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

VendorProductVersions

Intel Corporation

Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmware

affected
CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04.

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now