安全研究
安全漏洞
Intel Converged Security Management Engine缓冲区溢出漏洞 (CVE-2018-3628)
发布日期:2017-12-28
更新日期:2018-07-24
受影响系统:Intel Converged Security Management Engine 9.x
Intel Converged Security Management Engine 8.x
Intel Converged Security Management Engine 7.x
Intel Converged Security Management Engine 6.x
Intel Converged Security Management Engine 5.x
Intel Converged Security Management Engine 4.x
Intel Converged Security Management Engine 3.x
Intel Converged Security Management Engine 11.x
Intel Converged Security Management Engine 10.x
Intel Converged Security Management Engine
描述:
CVE(CAN) ID:
CVE-2018-3628
Intel Converged Security Management Engine是一个自主运行的子系统,自2008年起被纳入几乎所有的英特尔处理器芯片。
Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, 11.x版本,在Active Management Technology的HTTP处理器实现上存在缓冲区溢出漏洞,可使攻击者通过同一子集,执行任意代码。
<*来源:vendor
*>
建议:
厂商补丁:
Intel
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html浏览次数:1941
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
