CVE-2018-12173

CVE Database · CVE-2018-12173

CVE-2018-12173

· N/AModified

CVSS v3.1

N/A

EPSS

0.41%

Published

Oct 10, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Weaknesses (CWE)

CWE-732

Affected Products (28)

intel · server_board_s2600bp_firmware (up to 00.01.0014)vulnerable

intel · server_board_s2600bp

intel · server_board_s2600wf_firmware (up to 00.01.0014)vulnerable

intel · server_board_s2600wf

intel · server_board_s2600st_firmware (up to 00.01.0014)vulnerable

intel · server_board_s2600st

intel · server_board_s2600bpr_firmware (up to 00.01.0014)vulnerable

intel · server_board_s2600bpr

intel · server_board_s2600wfr_firmware (up to 00.01.0014)vulnerable