1. Home
  2. CVE Database
  3. CVE-2018-12169
HIGH · 7.6

CVE-2018-12169

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation I...

Vulnerability Description

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.

CVSS Score

7.6

HIGH

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelCore I34000m
IntelCore I57y54
IntelCore I77y75
IntelCore I98950hk
LenovoThinkpad 11E-
LenovoThinkpad E480-
LenovoThinkpad E580-
LenovoThinkpad L380-
LenovoThinkpad L380 Yoga-
LenovoThinkpad L480-
LenovoThinkpad L580-
LenovoThinkpad P51-
LenovoThinkpad P51S-
LenovoThinkpad P52-
LenovoThinkpad P52S-
LenovoThinkpad P71-
LenovoThinkpad P72-
LenovoThinkpad T25-
LenovoThinkpad T470-
LenovoThinkpad T470P-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2018-12169?

CVE-2018-12169 is a vulnerability with a CVSS score of 7.6 (HIGH). Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation I...

How severe is CVE-2018-12169?

CVE-2018-12169 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-12169?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Core I3, Intel Core I5, Intel Core I7, Intel Core I9, Lenovo Thinkpad 11E.