Buffer Overflow Vulnerability in Intel Server Boards and Systems
CVE-2020-24474

8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Boards, Server Systems And Compute Modules
Vendor: CVE Published:; 9 June 2021

What is CVE-2020-24474?

A buffer overflow vulnerability exists in the BMC firmware for certain Intel Server Boards, Server Systems, and Compute Modules prior to version 2.48.ce3e3bd2. An authenticated user with adjacent access could exploit this flaw to potentially escalate their privileges, thereby gaining unauthorized access to sensitive system functionalities. It's critical for users to apply the latest firmware updates to safeguard against this vulnerability.

Affected Version(s)

Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2021
Vulnerability Reserved
Aug 19, 2020