Intel platforms, starting with Skylake, support a USB 3-based debugging interface (a.k.a. Direct Connect Interface or DCI), which, if enabled, allows inspection/modification of hardware configuration and memory. There is an existing UEFI setting restriction for DCI (Direct Connect Interface) in 5th and 6th generation Intel® Xeon® Processor E3 Family, Intel® Xeon® Scalable processors, and Intel® Xeon® Processor D Family, which allows a limited physical presence attacker to access platform secrets via debug interfaces. This vulnerability potentially affects platforms using the following processors: Intel® Xeon® Scalable processors Intel® Xeon® Processor E3 v6 Family (Kaby Lake) Intel® Xeon® Processor E3 v5 Family (Skylake) Intel® Xeon® Processor D Family (Skylake-D) Potentially affected products are not subject to this vulnerability if any of the following is true: EFI Secure Boot is enabled: This prevents the loading of malicious option ROMs. This also assumes the DCI Control setup field is equally protected. Boot Guard is enabled: Settings limit enabling of DCI capabilities. User Control through a UEFI variable has been disconnected from DCI Policy AND the DCI Policy has been set to disabled: This eliminates the ability to enable the DCI.
VULNERABILITY SUMMARY
Reference
|
Base Vector
|
Base Score
|
CVE-2018-3652
|
CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
|
7.3
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|