PT-2024-1781 · Intel · Openbmc

Published: 2024-02-14 · Updated: 2024-02-14 · CVE-2023-31189

CVSS v3.1: 8.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Intel Server Product OpenBMC versions prior to egs-1.09

Description

The issue is related to improper authentication in the OpenBMC firmware, which may allow an authenticated user to escalate their privileges via local access. This is due to weaknesses in the authentication procedure.

Recommendations

For versions prior to egs-1.09, update to version egs-1.09 or later to resolve the issue. As a temporary workaround, consider restricting local access to the OpenBMC firmware to minimize the risk of exploitation.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2024-01513
CVE-2023-31189

Affected Products

Openbmc