cvedb.io
CVE-2018-3643
HIGH · CVSS 8.2
EPSS exploitation probability: 0%
Published 2018-09-12T19:29:02.557 · Last modified 2026-06-17T01:57:37.033

Summary

A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.

Affected products

intel — converged_security_management_engine_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when intel ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.