High severity8.2NVD Advisory· Published Sep 12, 2018· Updated Jun 17, 2026
CVE-2018-3643
CVE-2018-3643
Description
A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: < 4.0.04
- Range: < 12.0.6
- Intel Corporation/Intel(R) Converged Security and Management Engine (CSME) and Intel(R) Server Platform Services firmwarev5Range: CSME versions before 12.0.6 or Server Platform Services firmware before version 4.x.04.
Patches
Vulnerability mechanics
References
3- support.hpe.com/hpsc/doc/public/displaynvdPatchThird Party Advisory
- security.netapp.com/advisory/ntap-20180924-0002/nvdThird Party Advisory
- www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00131.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.