Heap Corruption in Intel Baseboard Management Controller Firmware
CVE-2019-11171

9.8CRITICAL

Key Information:

Vendor: Intel
Status: Intel(r) Bmc
Vendor: CVE Published:; 14 November 2019

What is CVE-2019-11171?

A vulnerability exists in the Intel Baseboard Management Controller firmware, leading to potential heap corruption. This issue may allow an unauthenticated user to exploit network access, which could result in information disclosure, escalation of privileges, or denial of service. It highlights critical security implications for systems reliant on this firmware.

Affected Version(s)

Intel(R) BMC See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2019
Vulnerability Reserved
Apr 11, 2019