S2600Stqr Firmware
CVE-2020-12299
HIGH
Severity by source
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
AnalysisAI
Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-20. Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel S2600Stqr Firmware, Intel S2600Stbr Firmware, Intel S2600Bpsr Firmware, Intel S2600Bpbr Firmware, Intel S2600Bpqr Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in S2600Stqr Firmware
View allSame weakness CWE-20 – Improper Input Validation
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today