Heap-Based Buffer Overflow Vulnerability in Intel Server Boards
CVE-2023-31276

8.4HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Server Board S2600wf, Intel(r) Server Board S2600st, Intel(r) Server Board S2600bp, Intel(r) Server Board M50cyp And Intel(r) Server Board D50tnp
Vendor: CVE Published:; 12 February 2025

Summary

A heap-based buffer overflow vulnerability exists in the BMC Firmware affecting several Intel Server Boards, allowing a privileged user to exploit this flaw to escalate privileges through local access. This presents significant security risks for systems running affected versions, as it can be leveraged by attackers with physical or local access to gain unauthorized control over the affected systems.

Affected Version(s)

Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Jun 9, 2023