PT-2023-12747 · Intel · Intel Server System M70Klp Family Bios

Dmitry Frolov

Publicado

2023-11-14

Atualizado

2024-08-30

CVE-2022-24379

CVSS v3.1

7.5

Alta

Vetor

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) Server System M70KLP Family BIOS firmware versions prior to 01.04.0029

Description The issue is related to improper input validation in the BIOS firmware, which may allow a privileged user to potentially enable escalation of privilege via local access.

Recommendations For versions prior to 01.04.0029, update the BIOS firmware to version 01.04.0029 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2022-24379

Produtos afetados

Intel Server System M70Klp Family Bios

PT-2023-12747 · Intel · Intel Server System M70Klp Family Bios

CVE-2022-24379

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4