Privilege Escalation Vulnerability in Intel Server Board Firmware
CVE-2020-12300

8.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Board Families Advisory
Vendor: CVE Published:; 13 August 2020

What is CVE-2020-12300?

An uninitialized pointer vulnerability exists in the BIOS firmware for various Intel Server Board families, namely S2600CW, S2600KP, S2600TP, and S2600WT. This flaw may enable a privileged user to potentially escalate privileges via local access. Proper mitigation and updates are essential to secure affected systems.

Affected Version(s)

Intel(R) Server Board Families Advisory See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200814-0001/

x_refsource_CONFIRM

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2020
Vulnerability Reserved
Apr 28, 2020