Skip to main content

Core I7 CVE-2018-3619

MEDIUM
Information Exposure (CWE-200)
2018-07-10 secure@intel.com
4.6
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
4.6 MEDIUM
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 10, 2018 - 21:29 nvd
MEDIUM 4.6

DescriptionNVD

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access.

AnalysisAI

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. Affected products include: Intel Core I7, Intel Core I5, Intel Core I3, Intel Core I9, Intel Core M3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

CVE-2017-5753 MEDIUM POC
5.6 Jan 04

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of

CVE-2017-5754 MEDIUM
5.6 Jan 04

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized discl

CVE-2018-3639 MEDIUM POC
5.5 May 22

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addres

CVE-2018-9056 MEDIUM POC
5.6 Mar 27

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an atta

CVE-2018-3615 HIGH
7.3 Aug 14

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow u

CVE-2018-12169 HIGH
7.6 Sep 21

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generatio

CVE-2021-0114 MEDIUM
6.7 Aug 16

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an

CVE-2021-0144 MEDIUM
6.7 Jul 14

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enabl

CVE-2018-3646 MEDIUM
5.6 Aug 14

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure

CVE-2018-3620 MEDIUM
5.6 Aug 14

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure

CVE-2018-3693 MEDIUM
5.6 Jul 10

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of

CVE-2018-3665 MEDIUM
5.6 Jun 21

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentia

Share

CVE-2018-3619 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy