Server Board S2600St Firmware
CVE-2020-0572
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access.
AnalysisAI
Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-20. Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Server Board S2600St Firmware, Intel Server Board S2600Wf Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before ve
Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute
Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 m
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allo
Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before ve
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allo
Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may al
Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 m
Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may al
Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may
Same weakness CWE-20 – Improper Input Validation
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today