4.6
CVSSv2

CVE-2018-3643

Published: 12/09/2018 Updated: 03/10/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

intel server platform services firmware

intel converged security management engine firmware

Vendor Advisories

Potential security vulnerabilities with Intel CSME firmware and PMC firmware have been identified that could potentially place impacted platforms at risk ...
Potential security vulnerabilities with Intel CSME firmware and PMC firmware have been identified that could potentially place impacted platforms at risk ...