PT-2019-1629 · Intel · Intel Server Platform Services

Published

2019-03-12

Updated

2019-04-04

CVE-2018-12198

CVSS v3.1

6.0

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Intel Server Platform Services versions prior to SPS E5 04.00.04.393.0

Description The issue is related to insufficient input validation in the HECI subsystem of Intel Server Platform Services, which may allow a privileged user to cause a denial of service via local access. This could potentially be exploited by an attacker to disrupt service.

Recommendations For versions prior to SPS E5 04.00.04.393.0, update to version SPS E5 04.00.04.393.0 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2019-01176

CVE-2018-12198

Affected Products

Intel Server Platform Services

PT-2019-1629 · Intel · Intel Server Platform Services

CVE-2018-12198

Weakness Enumeration

Related Identifiers

Affected Products

References · 7