CVE-2020-12375
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD
Description
Heap overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected (1)
Products: Intel: Bmc Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.47 |
| Running on/with | Platform Versions |
|---|---|
Intel Hns2600bpb | All versions |
Intel Hns2600bpb24 | All versions |
Intel Hns2600bpb24r | All versions |
Intel Hns2600bpblc | All versions |
Intel Hns2600bpblc24 | All versions |
Intel Hns2600bpblc24r | All versions |
Intel Hns2600bpbr | All versions |
Intel Hns2600bpq | All versions |
Intel Hns2600bpq24 | All versions |
Intel Hns2600bpq24r | All versions |
Intel Hns2600bpqr | All versions |
Intel Hns2600bps | All versions |
Intel Hns2600bps24 | All versions |
Intel Hns2600bps24r | All versions |
Intel Hns2600bpsr | All versions |
Intel R1000wf | All versions |
Intel R1208wfqysr | All versions |
Intel R1208wftys | All versions |
Intel R1208wftysr | All versions |
Intel R1304wf0ys | All versions |
Intel R1304wf0ysr | All versions |
Intel R1304wftys | All versions |
Intel R1304wftysr | All versions |
Intel R2208wf0zs | All versions |
Intel R2208wf0zsr | All versions |
Intel R2208wfqzs | All versions |
Intel R2208wfqzsr | All versions |
Intel R2208wftzs | All versions |
Intel R2208wftzsr | All versions |
Intel R2224wfqzs | All versions |
Intel R2224wftzs | All versions |
Intel R2224wftzsr | All versions |
Intel R2308wftzs | All versions |
Intel R2308wftzsr | All versions |
Intel R2312wf0np | All versions |
Intel R2312wf0npr | All versions |
Intel R2312wfqzs | All versions |
Intel R2312wftzs | All versions |
Intel R2312wftzsr | All versions |
Intel S2600bpbr | All versions |
Intel S2600bpqr | All versions |
Intel S2600bpsr | All versions |
Intel S2600stb | All versions |
Intel S2600stq | All versions |
Intel S2600wf0 | All versions |
Intel S2600wfq | All versions |
Intel S2600wft | All versions |
References (2)
Source: secure@intel.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.