CVE-2018-3658

MEDIUM

Siemens Simatic Field PG M5 Firmware < 22.01.06 - Resource Leak

Title source: rule
STIX 2.1

Description

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

References (6)

Scores

CVSS v3 5.3
EPSS 0.0113
EPSS Percentile 78.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-772
Status published
Products (14)
intel/active_management_technology_firmware < 12.0.5
intel/converged_security_management_engine_firmware 11.0.0 - 12.0.5
intel/manageability_engine_firmware 9.0.0.0 - 11.0
siemens/simatic_field_pg_m5_firmware < 22.01.06
siemens/simatic_ipc427e_firmware < 21.01.09
siemens/simatic_ipc477e_firmware < 21.01.09
siemens/simatic_ipc547e_firmware < r1.30.0
siemens/simatic_ipc627d_firmware < 19.02.11
siemens/simatic_ipc647d_firmware < 19.01.14
siemens/simatic_ipc677d_firmware < 19.02.11
... and 4 more
Published Sep 12, 2018
Tracked Since Feb 18, 2026