CVE-2018-12205

EUVD-2018-4183
Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
intelplatform_sample_firmware
-
intelplatform_sample_firmware
-
intelsilicon_reference_firmware
-
intelsilicon_reference_firmware
-
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
intel-microcode
bionic
Fixed 3.20190514.0ubuntu0.18.04.2
released
cosmic
Fixed 3.20190514.0ubuntu0.18.10.1
released
disco
not-affected
trusty
Fixed 3.20190514.0ubuntu0.14.04.1
released
xenial
Fixed 3.20190514.0ubuntu0.16.04.1
released
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20190318-0002/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html
https://security.netapp.com/advisory/ntap-20190318-0002/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html