Vulnerability Details CVE-2018-12196
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.9%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 4.6
References
Products affected by CVE-2018-12196
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.10
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.50
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.11.55
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.20
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.21.51
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.22.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.50
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:11.8.55
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.0
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.10
-
cpe:2.3:o:intel:converged_security_management_engine_firmware:12.0.5