Lucene search
HistoryJul 10, 2018 - 9:29 p.m.
CVE-2018-3652
cve-2018-3652
uefi
intel xeon
processor
dci
debug interface
platform secrets
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.6 High
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.5%
Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.
Affected configurations
Node
intelxeon_e3Match1505m_v6
ORintelxeon_e3Match1515m_v5
ORintelxeon_e3Match1535m_v5
ORintelxeon_e3Match1535m_v6
ORintelxeon_e3Match1545m_v5
ORintelxeon_e3Match1558l_v5
ORintelxeon_e3Match1565l_v5
ORintelxeon_e3Match1575m_v5
ORintelxeon_e3Match1578l_v5
ORintelxeon_e3Match1585_v5
ORintelxeon_e3Match1585l_v5
ORintelxeon_e3_1220_v5Match-
ORintelxeon_e3_1220_v6Match-
ORintelxeon_e3_1225_v5Match-
ORintelxeon_e3_1225_v6Match-
ORintelxeon_e3_1230_v5Match-
ORintelxeon_e3_1230_v6Match-
ORintelxeon_e3_1235l_v5Match-
ORintelxeon_e3_1240_v5Match-
ORintelxeon_e3_1240_v6Match-
ORintelxeon_e3_1240l_v5Match-
ORintelxeon_e3_1245_v5Match-
ORintelxeon_e3_1245_v6Match-
ORintelxeon_e3_1260l_v5Match-
ORintelxeon_e3_1268l_v5Match-
ORintelxeon_e3_1270_v5Match-
ORintelxeon_e3_1270_v6Match-
ORintelxeon_e3_1275_v5Match-
ORintelxeon_e3_1275_v6Match-
ORintelxeon_e3_1280_v5Match-
ORintelxeon_e3_1280_v6Match-
ORintelxeon_e3_1285_v6Match-
ORintelxeon_e3_1501l_v6Match-
ORintelxeon_e3_1501m_v6Match-
ORintelxeon_e3_1505l_v5Match-
ORintelxeon_e3_1505l_v6Match-
ORintelxeon_e3_1505m_v5Match-
Node
intelxeon_bronze_3104Match-
ORintelxeon_bronze_3106Match-
ORintelxeon_goldMatch5115
ORintelxeon_goldMatch5118
ORintelxeon_goldMatch5119t
ORintelxeon_goldMatch5120
ORintelxeon_goldMatch5120t
ORintelxeon_goldMatch5122
ORintelxeon_goldMatch6126
ORintelxeon_goldMatch6126f
ORintelxeon_goldMatch6126t
ORintelxeon_goldMatch6128
ORintelxeon_goldMatch6130
ORintelxeon_goldMatch6130f
ORintelxeon_goldMatch6130t
ORintelxeon_goldMatch6132
ORintelxeon_goldMatch6134
ORintelxeon_goldMatch6134m
ORintelxeon_goldMatch6136
ORintelxeon_goldMatch6138
ORintelxeon_goldMatch6138f
ORintelxeon_goldMatch6138p
ORintelxeon_goldMatch6138t
ORintelxeon_goldMatch6140
ORintelxeon_goldMatch6140m
ORintelxeon_goldMatch6142
ORintelxeon_goldMatch6142f
ORintelxeon_goldMatch6142m
ORintelxeon_goldMatch6144
ORintelxeon_goldMatch6146
ORintelxeon_goldMatch6148
ORintelxeon_goldMatch6148f
ORintelxeon_goldMatch6150
ORintelxeon_goldMatch6152
ORintelxeon_goldMatch6154
ORintelxeon_platinumMatch8153
ORintelxeon_platinumMatch8156
ORintelxeon_platinumMatch8158
ORintelxeon_platinumMatch8160
ORintelxeon_platinumMatch8160f
ORintelxeon_platinumMatch8160m
ORintelxeon_platinumMatch8160t
ORintelxeon_platinumMatch8164
ORintelxeon_platinumMatch8168
ORintelxeon_platinumMatch8170
ORintelxeon_platinumMatch8170m
ORintelxeon_platinumMatch8176
ORintelxeon_platinumMatch8176f
ORintelxeon_platinumMatch8176m
ORintelxeon_platinumMatch8180
ORintelxeon_platinumMatch8180m
ORintelxeon_silverMatch4108
ORintelxeon_silverMatch4109t
ORintelxeon_silverMatch4110
ORintelxeon_silverMatch4112
ORintelxeon_silverMatch4114
ORintelxeon_silverMatch4114t
ORintelxeon_silverMatch4116
ORintelxeon_silverMatch4116t
Node
intelxeonMatchd-1513n
ORintelxeonMatchd-1518
ORintelxeonMatchd-1520
ORintelxeonMatchd-1521
ORintelxeonMatchd-1523n
ORintelxeonMatchd-1527
ORintelxeonMatchd-1528
ORintelxeonMatchd-1529
ORintelxeonMatchd-1531
ORintelxeonMatchd-1533n
ORintelxeonMatchd-1537
ORintelxeonMatchd-1539
ORintelxeonMatchd-1540
ORintelxeonMatchd-1541
ORintelxeonMatchd-1543n
ORintelxeonMatchd-1548
ORintelxeonMatchd-1553n
ORintelxeonMatchd-1557
ORintelxeonMatchd-1559
ORintelxeonMatchd-1567
ORintelxeonMatchd-1571
ORintelxeonMatchd-1577
ORintelxeonMatchd-2123it
ORintelxeonMatchd-2141i
ORintelxeonMatchd-2142it
ORintelxeonMatchd-2143it
ORintelxeonMatchd-2145nt
ORintelxeonMatchd-2146nt
ORintelxeonMatchd-2161i
ORintelxeonMatchd-2163it
ORintelxeonMatchd-2166nt
ORintelxeonMatchd-2173it
ORintelxeonMatchd-2177nt
ORintelxeonMatchd-2183it
ORintelxeonMatchd-2187nt
Node
intelatom_cMatchc2308
ORintelatom_cMatchc2316
ORintelatom_cMatchc2338
ORintelatom_cMatchc2350
ORintelatom_cMatchc2358
ORintelatom_cMatchc2508
ORintelatom_cMatchc2516
ORintelatom_cMatchc2518
ORintelatom_cMatchc2530
ORintelatom_cMatchc2538
ORintelatom_cMatchc2550
ORintelatom_cMatchc2558
ORintelatom_cMatchc2718
ORintelatom_cMatchc2730
ORintelatom_cMatchc2738
ORintelatom_cMatchc2750
ORintelatom_cMatchc2758
ORintelatom_cMatchc3308
ORintelatom_cMatchc3336
ORintelatom_cMatchc3338
ORintelatom_cMatchc3508
ORintelatom_cMatchc3538
ORintelatom_cMatchc3558
ORintelatom_cMatchc3708
ORintelatom_cMatchc3750
ORintelatom_cMatchc3758
ORintelatom_cMatchc3808
ORintelatom_cMatchc3830
ORintelatom_cMatchc3850
ORintelatom_cMatchc3858
ORintelatom_cMatchc3950
ORintelatom_cMatchc3955
ORintelatom_cMatchc3958
CNA Affected
[
{
"product": "Intel Xeon Processor",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family"
}
]
}
]Related
hp
hp
HPSBHF03586 rev. 1 - DCI Policy Update
2018-07-06 00:00:00
prion
prion
Design/Logic Flaw
2018-07-10 21:29:00
cvelist
cvelist
CVE-2018-3652
2018-07-10 21:00:00
lenovo
lenovo
Intel DCI Policy Update - Lenovo Support US
2018-11-28 14:20:04
Intel DCI Policy Update - US
2018-11-28 14:20:04
nvd
nvd
CVE-2018-3652
2018-07-10 21:29:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.6 High
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.5%
Related for CVE-2018-3652