Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-3627

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

Published

2018-07-10T21:29:00.810

Last Modified

2024-11-21T04:05:47.670

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	core_i3	6006u	No
Hardware	intel	core_i3	6098p	No
Hardware	intel	core_i3	6100	No
Hardware	intel	core_i3	6100e	No
Hardware	intel	core_i3	6100h	No
Hardware	intel	core_i3	6100t	No
Hardware	intel	core_i3	6100te	No
Hardware	intel	core_i3	6100u	No
Hardware	intel	core_i3	6102e	No
Hardware	intel	core_i3	6157u	No
Hardware	intel	core_i3	6167u	No
Hardware	intel	core_i3	6300	No
Hardware	intel	core_i3	6300t	No
Hardware	intel	core_i3	6320	No
Hardware	intel	core_i3	7020u	No
Hardware	intel	core_i3	7100	No
Hardware	intel	core_i3	7100e	No
Hardware	intel	core_i3	7100h	No
Hardware	intel	core_i3	7100t	No
Hardware	intel	core_i3	7100u	No
Hardware	intel	core_i3	7101e	No
Hardware	intel	core_i3	7101te	No
Hardware	intel	core_i3	7102e	No
Hardware	intel	core_i3	7130u	No
Hardware	intel	core_i3	7167u	No
Hardware	intel	core_i3	7300	No
Hardware	intel	core_i3	7300t	No
Hardware	intel	core_i3	7320	No
Hardware	intel	core_i3	7350k	No
Hardware	intel	core_i3	8100	No
Hardware	intel	core_i3	8100h	No
Hardware	intel	core_i3	8100t	No
Hardware	intel	core_i3	8109u	No
Hardware	intel	core_i3	8130u	No
Hardware	intel	core_i3	8145u	No
Hardware	intel	core_i3	8300	No
Hardware	intel	core_i3	8300t	No
Hardware	intel	core_i3	8350k	No
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	core_i5	7y54	No
Hardware	intel	core_i5	7y57	No
Hardware	intel	core_i5	6200u	No
Hardware	intel	core_i5	6260u	No
Hardware	intel	core_i5	6267u	No
Hardware	intel	core_i5	6287u	No
Hardware	intel	core_i5	6300hq	No
Hardware	intel	core_i5	6300u	No
Hardware	intel	core_i5	6350hq	No
Hardware	intel	core_i5	6360u	No
Hardware	intel	core_i5	6400	No
Hardware	intel	core_i5	6400t	No
Hardware	intel	core_i5	6402p	No
Hardware	intel	core_i5	6440eq	No
Hardware	intel	core_i5	6440hq	No
Hardware	intel	core_i5	6442eq	No
Hardware	intel	core_i5	6500	No
Hardware	intel	core_i5	6500t	No
Hardware	intel	core_i5	6500te	No
Hardware	intel	core_i5	6585r	No
Hardware	intel	core_i5	6600	No
Hardware	intel	core_i5	6600k	No
Hardware	intel	core_i5	6600t	No
Hardware	intel	core_i5	6685r	No
Hardware	intel	core_i5	7200u	No
Hardware	intel	core_i5	7260u	No
Hardware	intel	core_i5	7267u	No
Hardware	intel	core_i5	7287u	No
Hardware	intel	core_i5	7300hq	No
Hardware	intel	core_i5	7300u	No
Hardware	intel	core_i5	7360u	No
Hardware	intel	core_i5	7400	No
Hardware	intel	core_i5	7400t	No
Hardware	intel	core_i5	7440eq	No
Hardware	intel	core_i5	7440hq	No
Hardware	intel	core_i5	7442eq	No
Hardware	intel	core_i5	7500	No
Hardware	intel	core_i5	7500t	No
Hardware	intel	core_i5	7600	No
Hardware	intel	core_i5	7600k	No
Hardware	intel	core_i5	7600t	No
Hardware	intel	core_i5	8200y	No
Hardware	intel	core_i5	8250u	No
Hardware	intel	core_i5	8259u	No
Hardware	intel	core_i5	8265u	No
Hardware	intel	core_i5	8269u	No
Hardware	intel	core_i5	8300h	No
Hardware	intel	core_i5	8305g	No
Hardware	intel	core_i5	8350u	No
Hardware	intel	core_i5	8400	No
Hardware	intel	core_i5	8400b	No
Hardware	intel	core_i5	8400h	No
Hardware	intel	core_i5	8400t	No
Hardware	intel	core_i5	8500	No
Hardware	intel	core_i5	8500b	No
Hardware	intel	core_i5	8500t	No
Hardware	intel	core_i5	8600	No
Hardware	intel	core_i5	8600k	No
Hardware	intel	core_i5	8600t	No
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	core_i7	7y75	No
Hardware	intel	core_i7	6500u	No
Hardware	intel	core_i7	6560u	No
Hardware	intel	core_i7	6567u	No
Hardware	intel	core_i7	6600u	No
Hardware	intel	core_i7	6650u	No
Hardware	intel	core_i7	6660u	No
Hardware	intel	core_i7	6700	No
Hardware	intel	core_i7	6700hq	No
Hardware	intel	core_i7	6700k	No
Hardware	intel	core_i7	6700t	No
Hardware	intel	core_i7	6700te	No
Hardware	intel	core_i7	6770hq	No
Hardware	intel	core_i7	6785r	No
Hardware	intel	core_i7	6820eq	No
Hardware	intel	core_i7	6820hk	No
Hardware	intel	core_i7	6820hq	No
Hardware	intel	core_i7	6822eq	No
Hardware	intel	core_i7	6870hq	No
Hardware	intel	core_i7	6920hq	No
Hardware	intel	core_i7	6970hq	No
Hardware	intel	core_i7	7500u	No
Hardware	intel	core_i7	7560u	No
Hardware	intel	core_i7	7567u	No
Hardware	intel	core_i7	7600u	No
Hardware	intel	core_i7	7660u	No
Hardware	intel	core_i7	7700	No
Hardware	intel	core_i7	7700hq	No
Hardware	intel	core_i7	7700k	No
Hardware	intel	core_i7	7700t	No
Hardware	intel	core_i7	7820eq	No
Hardware	intel	core_i7	7820hk	No
Hardware	intel	core_i7	7820hq	No
Hardware	intel	core_i7	7920hq	No
Hardware	intel	core_i7	8086k	No
Hardware	intel	core_i7	8500y	No
Hardware	intel	core_i7	8550u	No
Hardware	intel	core_i7	8559u	No
Hardware	intel	core_i7	8565u	No
Hardware	intel	core_i7	8650u	No
Hardware	intel	core_i7	8700	No
Hardware	intel	core_i7	8700b	No
Hardware	intel	core_i7	8700k	No
Hardware	intel	core_i7	8700t	No
Hardware	intel	core_i7	8705g	No
Hardware	intel	core_i7	8706g	No
Hardware	intel	core_i7	8709g	No
Hardware	intel	core_i7	8750h	No
Hardware	intel	core_i7	8809g	No
Hardware	intel	core_i7	8850h	No
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	core_i9	8950hk	No
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	xeon_e3_1220_v5	-	No
Hardware	intel	xeon_e3_1220_v6	-	No
Hardware	intel	xeon_e3_1225_v5	-	No
Hardware	intel	xeon_e3_1225_v6	-	No
Hardware	intel	xeon_e3_1230_v5	-	No
Hardware	intel	xeon_e3_1230_v6	-	No
Hardware	intel	xeon_e3_1235l_v5	-	No
Hardware	intel	xeon_e3_1240_v5	-	No
Hardware	intel	xeon_e3_1240_v6	-	No
Hardware	intel	xeon_e3_1240l_v5	-	No
Hardware	intel	xeon_e3_1245_v5	-	No
Hardware	intel	xeon_e3_1245_v6	-	No
Hardware	intel	xeon_e3_1260l_v5	-	No
Hardware	intel	xeon_e3_1270_v5	-	No
Hardware	intel	xeon_e3_1270_v6	-	No
Hardware	intel	xeon_e3_1275_v6	-	No
Hardware	intel	xeon_e3_1280_v5	-	No
Hardware	intel	xeon_e3_1280_v6	-	No
Hardware	intel	xeon_e3_1285_v6	-	No
Operating System	intel	converged_security_management_engine_firmware	11.0	Yes
Hardware	intel	xeon_w	2123	No
Hardware	intel	xeon_w	2125	No
Hardware	intel	xeon_w	2133	No
Hardware	intel	xeon_w	2135	No
Hardware	intel	xeon_w	2145	No
Hardware	intel	xeon_w	2155	No
Hardware	intel	xeon_w	2175	No
Hardware	intel	xeon_w	2195	No
Application	netapp	element_software_management_node	-	Yes

References

https://security.netapp.com/advisory/ntap-20190327-0006/ Third Party Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20190327-0006/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)