CVE-2018-12192
Last modified
CVE-2018-12192 is a vulnerability of currently unknown severity. Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.. EPSS estimates a 0.47% chance of exploitation in the next 30 days.
Description
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Converged Security Management Engine Firmware | >= 11.0, < 11.8.60 |
| Intel | Converged Security Management Engine Firmware | >= 11.10, < 11.11.60 |
| Intel | Converged Security Management Engine Firmware | >= 11.20, < 11.22.60 |
| Intel | Converged Security Management Engine Firmware | >= 12.0.0, < 12.0.20 |
| Intel | Server Platform Services Firmware | < sps_e5_04.00.04.393.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-12192?
How severe is CVE-2018-12192?
How do I fix CVE-2018-12192?
Are you affected by CVE-2018-12192?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST