CVE-2018-12205
MEDIUMIntel Platform Sample/Silicon Reference Firmware - Improper Certificate Validation
Title source: llmDescription
Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190318-0002/
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
Scores
CVSS v3
6.8
EPSS
0.0013
EPSS Percentile
31.4%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-295
Status
published
Products (2)
intel/platform_sample_firmware
intel/silicon_reference_firmware
Published
Mar 14, 2019
Tracked Since
Feb 18, 2026