Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-3652

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.6, with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), and availability (service disruption) for affected systems. Impacting 34 products from intel, from intel, from intel and 31 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2018, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2018-07-10T21:29:00.983

Last Modified

2024-11-21T04:05:50.563

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.6 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.9

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Hardware intel xeon_e3 1505m_v6 Yes
Hardware intel xeon_e3 1515m_v5 Yes
Hardware intel xeon_e3 1535m_v5 Yes
Hardware intel xeon_e3 1535m_v6 Yes
Hardware intel xeon_e3 1545m_v5 Yes
Hardware intel xeon_e3 1558l_v5 Yes
Hardware intel xeon_e3 1565l_v5 Yes
Hardware intel xeon_e3 1575m_v5 Yes
Hardware intel xeon_e3 1578l_v5 Yes
Hardware intel xeon_e3 1585_v5 Yes
Hardware intel xeon_e3 1585l_v5 Yes
Hardware intel xeon_e3_1220_v5 - Yes
Hardware intel xeon_e3_1220_v6 - Yes
Hardware intel xeon_e3_1225_v5 - Yes
Hardware intel xeon_e3_1225_v6 - Yes
Hardware intel xeon_e3_1230_v5 - Yes
Hardware intel xeon_e3_1230_v6 - Yes
Hardware intel xeon_e3_1235l_v5 - Yes
Hardware intel xeon_e3_1240_v5 - Yes
Hardware intel xeon_e3_1240_v6 - Yes
Hardware intel xeon_e3_1240l_v5 - Yes
Hardware intel xeon_e3_1245_v5 - Yes
Hardware intel xeon_e3_1245_v6 - Yes
Hardware intel xeon_e3_1260l_v5 - Yes
Hardware intel xeon_e3_1268l_v5 - Yes
Hardware intel xeon_e3_1270_v5 - Yes
Hardware intel xeon_e3_1270_v6 - Yes
Hardware intel xeon_e3_1275_v5 - Yes
Hardware intel xeon_e3_1275_v6 - Yes
Hardware intel xeon_e3_1280_v5 - Yes
Hardware intel xeon_e3_1280_v6 - Yes
Hardware intel xeon_e3_1285_v6 - Yes
Hardware intel xeon_e3_1501l_v6 - Yes
Hardware intel xeon_e3_1501m_v6 - Yes
Hardware intel xeon_e3_1505l_v5 - Yes
Hardware intel xeon_e3_1505l_v6 - Yes
Hardware intel xeon_e3_1505m_v5 - Yes
Hardware intel xeon_bronze_3104 - Yes
Hardware intel xeon_bronze_3106 - Yes
Hardware intel xeon_gold 5115 Yes
Hardware intel xeon_gold 5118 Yes
Hardware intel xeon_gold 5119t Yes
Hardware intel xeon_gold 5120 Yes
Hardware intel xeon_gold 5120t Yes
Hardware intel xeon_gold 5122 Yes
Hardware intel xeon_gold 6126 Yes
Hardware intel xeon_gold 6126f Yes
Hardware intel xeon_gold 6126t Yes
Hardware intel xeon_gold 6128 Yes
Hardware intel xeon_gold 6130 Yes
Hardware intel xeon_gold 6130f Yes
Hardware intel xeon_gold 6130t Yes
Hardware intel xeon_gold 6132 Yes
Hardware intel xeon_gold 6134 Yes
Hardware intel xeon_gold 6134m Yes
Hardware intel xeon_gold 6136 Yes
Hardware intel xeon_gold 6138 Yes
Hardware intel xeon_gold 6138f Yes
Hardware intel xeon_gold 6138p Yes
Hardware intel xeon_gold 6138t Yes
Hardware intel xeon_gold 6140 Yes
Hardware intel xeon_gold 6140m Yes
Hardware intel xeon_gold 6142 Yes
Hardware intel xeon_gold 6142f Yes
Hardware intel xeon_gold 6142m Yes
Hardware intel xeon_gold 6144 Yes
Hardware intel xeon_gold 6146 Yes
Hardware intel xeon_gold 6148 Yes
Hardware intel xeon_gold 6148f Yes
Hardware intel xeon_gold 6150 Yes
Hardware intel xeon_gold 6152 Yes
Hardware intel xeon_gold 6154 Yes
Hardware intel xeon_platinum 8153 Yes
Hardware intel xeon_platinum 8156 Yes
Hardware intel xeon_platinum 8158 Yes
Hardware intel xeon_platinum 8160 Yes
Hardware intel xeon_platinum 8160f Yes
Hardware intel xeon_platinum 8160m Yes
Hardware intel xeon_platinum 8160t Yes
Hardware intel xeon_platinum 8164 Yes
Hardware intel xeon_platinum 8168 Yes
Hardware intel xeon_platinum 8170 Yes
Hardware intel xeon_platinum 8170m Yes
Hardware intel xeon_platinum 8176 Yes
Hardware intel xeon_platinum 8176f Yes
Hardware intel xeon_platinum 8176m Yes
Hardware intel xeon_platinum 8180 Yes
Hardware intel xeon_platinum 8180m Yes
Hardware intel xeon_silver 4108 Yes
Hardware intel xeon_silver 4109t Yes
Hardware intel xeon_silver 4110 Yes
Hardware intel xeon_silver 4112 Yes
Hardware intel xeon_silver 4114 Yes
Hardware intel xeon_silver 4114t Yes
Hardware intel xeon_silver 4116 Yes
Hardware intel xeon_silver 4116t Yes
Hardware intel xeon d-1513n Yes
Hardware intel xeon d-1518 Yes
Hardware intel xeon d-1520 Yes
Hardware intel xeon d-1521 Yes
Hardware intel xeon d-1523n Yes
Hardware intel xeon d-1527 Yes
Hardware intel xeon d-1528 Yes
Hardware intel xeon d-1529 Yes
Hardware intel xeon d-1531 Yes
Hardware intel xeon d-1533n Yes
Hardware intel xeon d-1537 Yes
Hardware intel xeon d-1539 Yes
Hardware intel xeon d-1540 Yes
Hardware intel xeon d-1541 Yes
Hardware intel xeon d-1543n Yes
Hardware intel xeon d-1548 Yes
Hardware intel xeon d-1553n Yes
Hardware intel xeon d-1557 Yes
Hardware intel xeon d-1559 Yes
Hardware intel xeon d-1567 Yes
Hardware intel xeon d-1571 Yes
Hardware intel xeon d-1577 Yes
Hardware intel xeon d-2123it Yes
Hardware intel xeon d-2141i Yes
Hardware intel xeon d-2142it Yes
Hardware intel xeon d-2143it Yes
Hardware intel xeon d-2145nt Yes
Hardware intel xeon d-2146nt Yes
Hardware intel xeon d-2161i Yes
Hardware intel xeon d-2163it Yes
Hardware intel xeon d-2166nt Yes
Hardware intel xeon d-2173it Yes
Hardware intel xeon d-2177nt Yes
Hardware intel xeon d-2183it Yes
Hardware intel xeon d-2187nt Yes
Hardware intel atom_c c2308 Yes
Hardware intel atom_c c2316 Yes
Hardware intel atom_c c2338 Yes
Hardware intel atom_c c2350 Yes
Hardware intel atom_c c2358 Yes
Hardware intel atom_c c2508 Yes
Hardware intel atom_c c2516 Yes
Hardware intel atom_c c2518 Yes
Hardware intel atom_c c2530 Yes
Hardware intel atom_c c2538 Yes
Hardware intel atom_c c2550 Yes
Hardware intel atom_c c2558 Yes
Hardware intel atom_c c2718 Yes
Hardware intel atom_c c2730 Yes
Hardware intel atom_c c2738 Yes
Hardware intel atom_c c2750 Yes
Hardware intel atom_c c2758 Yes
Hardware intel atom_c c3308 Yes
Hardware intel atom_c c3336 Yes
Hardware intel atom_c c3338 Yes
Hardware intel atom_c c3508 Yes
Hardware intel atom_c c3538 Yes
Hardware intel atom_c c3558 Yes
Hardware intel atom_c c3708 Yes
Hardware intel atom_c c3750 Yes
Hardware intel atom_c c3758 Yes
Hardware intel atom_c c3808 Yes
Hardware intel atom_c c3830 Yes
Hardware intel atom_c c3850 Yes
Hardware intel atom_c c3858 Yes
Hardware intel atom_c c3950 Yes
Hardware intel atom_c c3955 Yes
Hardware intel atom_c c3958 Yes
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For intel's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.