CVE-2018-12192

Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.

Published : 2019-03-14 20:29 Updated : 2019-03-21 16:00

7.2
CVSS Score More info
Score 7.2 / 10
7.2
Vendor Product Version URI
Intel Converged Security Management Engine Firmware 12.0.5 cpe:/o:intel:converged_security_management_engine_firmware:12.0.5
  1. Intel (1) Search CVE
    1. Converged Security Management Engine Firmware (1) Search CVE
      1. 12.0.5

CWE

ID Name Description Links
CWE-287 Improper Authentication When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. CVE

History of changes

Date Event
2019-03-21 16:00
2019-03-15 15:06
2019-03-14 20:29

New CVE