CVE-2018-3655

🗓️ 12 Sep 2018 19:29:02Reported by [email protected]Type

A vulnerability in Intel CSME, Server Platform Services, and Trusted Execution Engine Firmware may allow unauthorized access and information disclosure

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE), arises due to privilege management errors, allowing attackers to disclose or modify protected information.	5 Oct 201800:00	–	bdu_fstec
CVE	CVE-2018-3655	12 Sep 201819:00	–	cve
Cvelist	CVE-2018-3655	12 Sep 201819:00	–	cvelist
EUVD	EUVD-2018-15509	7 Oct 202500:30	–	euvd
F5 Networks	K60381308: Intel CPU vulnerability CVE-2018-3655	21 Feb 202319:55	–	f5
Hewlett-Packard	HPSBHF03592 rev. 3 - Intel Converged Security and Management Engine (CSME) and Power Management Controller (PMC) Security Updates	11 Sep 201800:00	–	hp
Intel	Intel® CSME Assets Advisory	4 Jun 201900:00	–	intel
Lenovo	Intel CSME / SPS and TXE Vulnerabilities - Lenovo Support US	1 Oct 201819:13	–	lenovo
Lenovo	Intel CSME / SPS and TXE Vulnerabilities - US	20 Sep 201816:57	–	lenovo
Prion	Design/Logic Flaw	12 Sep 201819:29	–	prion

NVD

Node

intel converged_security_management_engine_firmwareRange11.0–11.8.50

intel converged_security_management_engine_firmwareRange11.10–11.11.50

intel converged_security_management_engine_firmwareRange11.20–11.21.51

Node

intel server_platform_services_firmwareRange<4.0

Node

intel trusted_execution_engine_firmwareRange3.0–3.1.50

Source	Link
security	www.security.netapp.com/advisory/ntap-20180924-0003/
support	www.support.hpe.com/hpsc/doc/public/display
intel	www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html

21 Nov 2024 04:05Current

7High risk

Vulners AI Score7

CVSS 23.6

CVSS 37.3

EPSS0.00173