» 2018 » 7월

CVE-2018-3682

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3682

BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized readwrites to the SMBUS.

Source: CVE-2018-3682

CVE-2018-3693

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3693

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

Source: CVE-2018-3693

CVE-2018-3668

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3668

Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.

Source: CVE-2018-3668

CVE-2018-3688

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3688

Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 – 18.0 allow a local attacker to potentially execute arbitrary code.

Source: CVE-2018-3688

CVE-2018-3667

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3667

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation.

Source: CVE-2018-3667

CVE-2018-3687

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3687

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 – 15.0 allow a local attacker to potentially execute arbitrary code.

Source: CVE-2018-3687

CVE-2018-3684

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3684

Unquoted service paths in Intel Quartus II in versions 11.0 – 15.0 allow a local attacker to potentially execute arbitrary code.

Source: CVE-2018-3684

CVE-2018-3619

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3619

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access.

Source: CVE-2018-3619

CVE-2018-3629

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3629

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet.

Source: CVE-2018-3629

CVE-2018-3652

Posted on 2018년 7월 11일2018년 7월 11일 by admin

CVE-2018-3652

Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Source: CVE-2018-3652