What is CVE-2018-12169?

CVE-2018-12169 is a high-severity vulnerability in Intel Core_i3, classified under Improper Authentication. CVSS score: 7.6/10. Published 2018-09-21.

How severe is CVE-2018-12169?

High severity. CVSS v3 base score is 7.6 out of 10.

Auth bypass in Intel Core_i3

CVE-2018-12169

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic er…

Vulnerability class: Broken Authentication

EPSS: 0.006 (41.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.6 (High). Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Intel Core_i3 — versions 4000m, 4005u, 4010u
Intel Core_i5 — versions 7y54, 7y57, 4200h
Intel Core_i7 — versions 7y75, 4500u, 4510u
Intel Core_i9 — versions 8950hk
Lenovo Thinkpad_11e
Lenovo Thinkpad_e480
Lenovo Thinkpad_e580
Lenovo Thinkpad_l380
Lenovo Thinkpad_l380_yoga
Lenovo Thinkpad_l480

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

secure@intel.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secure@intel.com (x_refsource_CONFIRM, Third Party Advisory, Mitigation)
secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2018-12169?: CVE-2018-12169 is a high-severity vulnerability in Intel Core_i3, classified under Improper Authentication. CVSS score: 7.6/10. Published 2018-09-21.
How severe is CVE-2018-12169?: High severity. CVSS v3 base score is 7.6 out of 10.