CVE Vulnerabilities

CVE-2018-12205

Improper Certificate Validation

Published: Mar 14, 2019 | Modified: Nov 21, 2024
CVSS 3.x
6.8
MEDIUM
Source:
NVD
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Affected Software

Name Vendor Start Version End Version
Platform_sample_firmware Intel - (including) - (including)
Intel-microcode Ubuntu bionic *
Intel-microcode Ubuntu cosmic *
Intel-microcode Ubuntu trusty *
Intel-microcode Ubuntu xenial *

Potential Mitigations

References