Privilege Escalation Risk in Intel Server Boards
CVE-2020-12301

8.2HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Board Families Advisory
Vendor: CVE Published:; 13 August 2020

What is CVE-2020-12301?

Improper initialization in the BIOS firmware of Intel's Server Board Families, including S2600ST, S2600BP, and S2600WF, can be exploited by a privileged user with local access, potentially enabling escalation of privileges. This vulnerability allows unauthorized actions, which could impact system integrity and confidentiality. Users are advised to review their systems and assess the need for firmware updates as recommended by the vendor to mitigate associated risks.

Affected Version(s)

Intel(R) Server Board Families Advisory See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200814-0001/

x_refsource_CONFIRM

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2020
Vulnerability Reserved
Apr 28, 2020