Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Jul 2021, 19:55
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
References | (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html - Vendor Advisory | |
CPE | cpe:2.3:h:intel:server_board_s2600bpq:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600bps:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1304wftysr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wfqzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2224wfqzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2308wftzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wftr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1208wftys:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wftzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2312wf0npr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2224wftzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wf0zs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2312wftzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wftzsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bpq24r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600stqr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wfqr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1304wftys:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1208wfqysr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wfqzsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600bpbr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600stq:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wf0r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600bpsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2312wfqzs:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2312wf0np:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600bpqr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bpqr:-:*:*:*:*:*:*:* cpe:2.3:o:intel:baseboard_management_controller_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bpb24r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1208wftysr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600stbr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2308wftzsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600stb:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1304wf0ysr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wfq:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wft:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2312wftzsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600bpb:-:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bpbr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bpsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_board_s2600wf0:-:*:*:*:*:*:*:* cpe:2.3:h:intel:compute_module_hns2600bps24r:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r1304wf0ys:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2208wf0zsr:-:*:*:*:*:*:*:* cpe:2.3:h:intel:server_system_r2224wftzsr:-:*:*:*:*:*:*:* |
09 Jun 2021, 20:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-09 20:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-24473
Mitre link : CVE-2020-24473
CVE.ORG link : CVE-2020-24473
JSON object : View
Products Affected
intel
- server_board_s2600wfq
- server_system_r2208wftzsr
- server_board_s2600wf0r
- server_board_s2600stbr
- server_board_s2600wfqr
- server_board_s2600bpbr
- compute_module_hns2600bpb24r
- server_system_r1208wftys
- server_system_r2308wftzsr
- server_system_r1304wf0ysr
- server_board_s2600stq
- compute_module_hns2600bpqr
- server_board_s2600bps
- server_system_r1304wftysr
- server_board_s2600bpqr
- compute_module_hns2600bpsr
- compute_module_hns2600bpbr
- server_board_s2600bpb
- compute_module_hns2600bpq24r
- server_system_r2208wf0zs
- server_board_s2600bpsr
- server_board_s2600wft
- compute_module_hns2600bps24r
- server_board_s2600stb
- server_system_r1208wfqysr
- server_system_r2312wftzsr
- server_system_r1208wftysr
- server_system_r2312wfqzs
- server_system_r2208wfqzsr
- server_system_r2312wf0npr
- baseboard_management_controller_firmware
- server_system_r2208wfqzs
- server_system_r2308wftzs
- server_board_s2600stqr
- server_system_r2224wftzs
- server_system_r2224wftzsr
- server_system_r2224wfqzs
- server_system_r2208wftzs
- server_system_r2208wf0zsr
- server_system_r2312wftzs
- server_board_s2600wf0
- server_board_s2600bpq
- server_board_s2600wftr
- server_system_r1304wftys
- server_system_r1304wf0ys
- server_system_r2312wf0np
CWE
CWE-787
Out-of-bounds Write