CVE-2018-3652

Name: CVE-2018-3652
Creator: NVD / NIST
Published: 2018-07-10T21:29:00.983+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.6/10EPSS 0.36%

Last modified Jun 17, 2026

CVE-2018-3652 is a high-severity vulnerability rated 7.6/10 on the CVSS scale. Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.

Description

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Metrics

CVSS 3.1

7.6/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Probability

0.36%

28.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Intel	Xeon E3	1505m_v6
Intel	Xeon E3	1515m_v5
Intel	Xeon E3	1535m_v5
Intel	Xeon E3	1535m_v6
Intel	Xeon E3	1545m_v5
Intel	Xeon E3	1558l_v5
Intel	Xeon E3	1565l_v5
Intel	Xeon E3	1575m_v5
Intel	Xeon E3	1578l_v5
Intel	Xeon E3	1585_v5
Intel	Xeon E3	1585l_v5
Intel	Xeon E3 1220 V5	All versions
Intel	Xeon E3 1220 V6	All versions
Intel	Xeon E3 1225 V5	All versions
Intel	Xeon E3 1225 V6	All versions
Intel	Xeon E3 1230 V5	All versions
Intel	Xeon E3 1230 V6	All versions
Intel	Xeon E3 1235l V5	All versions
Intel	Xeon E3 1240 V5	All versions
Intel	Xeon E3 1240 V6	All versions
Intel	Xeon E3 1240l V5	All versions
Intel	Xeon E3 1245 V5	All versions
Intel	Xeon E3 1245 V6	All versions
Intel	Xeon E3 1260l V5	All versions
Intel	Xeon E3 1268l V5	All versions
Intel	Xeon E3 1270 V5	All versions
Intel	Xeon E3 1270 V6	All versions
Intel	Xeon E3 1275 V5	All versions
Intel	Xeon E3 1275 V6	All versions
Intel	Xeon E3 1280 V5	All versions
Intel	Xeon E3 1280 V6	All versions
Intel	Xeon E3 1285 V6	All versions
Intel	Xeon E3 1501l V6	All versions
Intel	Xeon E3 1501m V6	All versions
Intel	Xeon E3 1505l V5	All versions
Intel	Xeon E3 1505l V6	All versions
Intel	Xeon E3 1505m V5	All versions
Intel	Xeon Bronze 3104	All versions
Intel	Xeon Bronze 3106	All versions
Intel	Xeon Gold	5115
Intel	Xeon Gold	5118
Intel	Xeon Gold	5119t
Intel	Xeon Gold	5120
Intel	Xeon Gold	5120t
Intel	Xeon Gold	5122
Intel	Xeon Gold	6126
Intel	Xeon Gold	6126f
Intel	Xeon Gold	6126t
Intel	Xeon Gold	6128
Intel	Xeon Gold	6130

Showing 50 of 164 affected configurations. See NVD for the full list.

References

https://security.netapp.com/advisory/ntap-20180802-0001/Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.htmlMitigation, Vendor Advisory
https://security.netapp.com/advisory/ntap-20180802-0001/Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00127.htmlMitigation, Vendor Advisory

Timeline

Published: Jul 10, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-3652?

How severe is CVE-2018-3652?

CVE-2018-3652 has a CVSS score of 7.6/10 (HIGH severity). The EPSS model estimates a 0.36% probability of exploitation in the next 30 days.

How do I fix CVE-2018-3652?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-3652?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST