CVE-2018-12191 Information
Feb 14, 2021
cve
Description
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60 11.11.60 11.22.60 or 12.0.20 or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174 or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Reference
https://security.netapp.com/advisory/ntap-20190318-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03914en_us https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
CHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.6
Share on: