Potential Denial of Service Vulnerability in Intel SPS Firmware
CVE-2023-29153

4.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Sps Firmware
Vendor: CVE Published:; 14 February 2024

Summary

The vulnerability involves uncontrolled resource consumption present in certain Intel SPS firmware versions, specifically prior to SPS_E5_06.01.04.002.0. This issue allows a privileged user to exploit the vulnerability, potentially leading to a denial of service via network access. Organizations utilizing affected versions of Intel's SPS firmware may face disruption in services, highlighting the importance of immediate updates and patching measures to secure their systems against unauthorized access and resource exhaustion.

Affected Version(s)

Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0

References

https://www.intel.com/content/www/us/en/security-center/a...

https://security.netapp.com/advisory/ntap-20240322-0005/

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Aug 2, 2023