Daniel Medina Velazquez

**Name of the Vulnerable Software and Affected Versions** Intel(R) Server Board S2600WF versions prior to 02.01.0017 Intel(R) Server Board S2600ST versions prior to 02.01.0017 Intel(R) Server Board S2600BP versions prior to 02.01.0017 Intel(R) Server Board M50CYP versions prior to R01.01.0009 Intel(R) Server Board D50TNP versions prior to R01.01.0009 **Description** A heap-based buffer overflow in the BMC Firmware may allow a privileged user to enable escalation of privilege via local access. **Recommendations** For Intel(R) Server Board S2600WF versions prior to 02.01.0017, update to version 02.01.0017 or later. For Intel(R) Server Board S2600ST versions prior to 02.01.0017, update to version 02.01.0017 or later. For Intel(R) Server Board S2600BP versions prior to 02.01.0017, update to version 02.01.0017 or later. For Intel(R) Server Board M50CYP versions prior to R01.01.0009, update to version R01.01.0009 or later. For Intel(R) Server Board D50TNP versions prior to R01.01.0009, update to version R01.01.0009 or later.

**Name of the Vulnerable Software and Affected Versions** OpenBMC Firmware versions prior to egs-1.15-0 OpenBMC Firmware versions prior to bhs-0.27 **Description** The issue is an out of bounds read that may allow a privileged user to potentially enable information disclosure via local access. **Recommendations** For versions prior to egs-1.15-0, update to version egs-1.15-0 or later. For versions prior to bhs-0.27, update to version bhs-0.27 or later.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Server Board BMC firmware versions prior to 2.90 **Description** The issue allows a privileged user to enable escalation of privilege via local access due to access of memory location after end of buffer in the firmware. **Recommendations** For versions prior to 2.90, update to version 2.90 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Server Board BMC firmware versions prior to 2.90 **Description** The issue is related to improper input validation in the firmware, which may allow a privileged user to enable information disclosure via local access. **Recommendations** For versions prior to 2.90, update to version 2.90 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel Baseboard Management Controller (BMC) firmware (affected versions not specified) **Description** The issue is related to memory corruption in the Intel Baseboard Management Controller firmware, which may allow an unauthenticated user to potentially enable denial of service via network access. It is also described as a buffer overflow vulnerability that can be exploited by a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel Baseboard Management Controller (affected versions not specified) **Description** The issue is related to an out of bound read in the Intel Baseboard Management Controller firmware. This may allow an unauthenticated user to potentially enable escalation of privilege via network access. The vulnerability is associated with a buffer read beyond the memory boundaries, which can be exploited by a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.