PT-2025-6483 · Intel · Intel Server Board S2600Bp+3
Benny Zeltser
+2
·
Published
2025-02-11
·
Updated
2025-02-13
·
CVE-2023-29164
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Intel(R) Server Board S2600WF versions prior to 02.01.0017
Intel(R) Server Board S2600ST versions prior to 02.01.0017
Intel(R) Server Board S2600BP versions prior to 02.01.0017
Intel(R) Server Board M50CYP versions prior to R01.01.0009
Intel(R) Server Board D50TNP versions prior to R01.01.0009
Description
The issue is related to improper access control in the BMC Firmware for several Intel Server Board models. This may allow an authenticated user to enable escalation of privilege via local access.
Recommendations
For Intel(R) Server Board S2600WF versions prior to 02.01.0017, update to version 02.01.0017 or later.
For Intel(R) Server Board S2600ST versions prior to 02.01.0017, update to version 02.01.0017 or later.
For Intel(R) Server Board S2600BP versions prior to 02.01.0017, update to version 02.01.0017 or later.
For Intel(R) Server Board M50CYP versions prior to R01.01.0009, update to version R01.01.0009 or later.
For Intel(R) Server Board D50TNP versions prior to R01.01.0009, update to version R01.01.0009 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Server Board D50Tnp
Intel Server Board M50Cyp
Intel Server Board S2600Bp
Intel Server Board S2600Wf