PT-2018-1598 · Intel · Intel Baseboard Management Controller (Bmc) Firmware

Published

2018-09-11

Updated

2019-10-03

CVE-2018-12171

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel Baseboard Management Controller (BMC) firmware versions prior to 1.43.91f76955

Description The issue is related to privilege escalation in the Intel Baseboard Management Controller (BMC) firmware, caused by privilege management errors. This may allow an unprivileged user to potentially execute arbitrary code or perform a denial of service over the network.

Recommendations For Intel Baseboard Management Controller (BMC) firmware versions prior to 1.43.91f76955, update to version 1.43.91f76955 or later to resolve the issue.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2018-01155

CVE-2018-12171

Affected Products

Intel Baseboard Management Controller (Bmc) Firmware

PT-2018-1598 · Intel · Intel Baseboard Management Controller (Bmc) Firmware

CVE-2018-12171

Weakness Enumeration

Related Identifiers

Affected Products

References · 5