Vulnerability Description
Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Platform Sample Firmware | - |
| Intel | Core I3 | 8100 |
| Intel | Core I5 | 8200y |
| Intel | Core I7 | 8086k |
| Intel | Silicon Reference Firmware | - |
Related Weaknesses (CWE)
References
- https://security.netapp.com/advisory/ntap-20190318-0002/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpe
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.Vendor Advisory
- https://security.netapp.com/advisory/ntap-20190318-0002/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpe
- https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.Vendor Advisory
FAQ
What is CVE-2018-12205?
CVE-2018-12205 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated u...
How severe is CVE-2018-12205?
CVE-2018-12205 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12205?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Platform Sample Firmware, Intel Core I3, Intel Core I5, Intel Core I7, Intel Silicon Reference Firmware.