Out of Bounds Write in Intel Server Board BMC Firmware
CVE-2023-22442

7.9HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Board Bmc Firmware
Vendor: CVE Published:; 10 May 2023

Summary

An out of bounds write vulnerability exists in some Intel Server Board BMC firmware versions prior to 2.90. This vulnerability could allow a privileged user to escalate their privileges through local access, leading to potential unauthorized actions within the system. System administrators should review their BMC firmware versions and apply updates to mitigate any risks associated with this vulnerability.

Affected Version(s)

Intel(R) Server Board BMC firmware before version 2.90

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.9

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
Feb 1, 2023