Skip to main content

Server Board S1200V3Rpl Firmware CVE-2023-30768

MEDIUM
Improper Access Control (CWE-284)
2023-05-12 secure@intel.com
Privilege Escalation Intel Authentication Bypass Server Board S1200V3Rpl Firmware Server Board S1200V3Rpm Firmware Server Board S1200V3Rpo Firmware Server Board S1200V3Rps Firmware Server Board S1400Fp2 Firmware Server Board S1400Fp4 Firmware Server Board S1400Sp4 Firmware Server Board S1400Sp2 Firmware Server Board S1600Jp2 Firmware Server Board S1600Jp4 Firmware Server Board S2400Bb4 Firmware Server Board S2400Ep2 Firmware Server Board S2400Ep4 Firmware Server Board S2400Sc2 Firmware Server Board S2600Co4 Firmware Server Board S2600Coe Firmware Server Board S2600Coeioc Firmware Server Board S2600Cp2 Firmware Server Board S2600Cp2Ioc Firmware Server Board S2600Cp2J Firmware Server Board S2600Cp4 Firmware Server Board S2600Cp4Ioc Firmware Server Board S2600Gl Firmware Server Board S2600Gz Firmware Server Board S2600Ip4 Firmware Server Board S2600Ip4L Firmware Workstation Board W2600Cr2 Firmware Workstation Board W2600Cr2L Firmware Server Board S2600Jf Firmware Server Board S2600Wp Firmware Server Board S4600Lh2 Firmware Server Board S4600Lt2 Firmware Server Board S2600Wpf Firmware Server Board S2600Wpq Firmware Server Board S2600Jff Firmware Server Board S2600Jfq Firmware Server Board S2600Cw2R Firmware Server Board S2600Cw2Sr Firmware Server Board S2600Cwtr Firmware Server Board S2600Cwtsr Firmware Server Board S2600Cw2S Firmware Server Board S2600Cwt Firmware Server Board S2600Cwts Firmware Server Board S2600Cw2 Firmware Server Board S2600Kpfr Firmware Server Board S2600Kpr Firmware Server Board S2600Kptr Firmware Server Board S2600Kp Firmware Server Board S2600Kpf Firmware Server Board S2600Tpnr Firmware Server Board S2600Tpfr Firmware Server Board S2600Tpr Firmware Server Board S2600Tpf Firmware Server Board S2600Tp Firmware Server Board S2600Wtts1R Firmware Server Board S2600Wt2R Firmware Server Board S2600Wttr Firmware Server Board S2600Wt2 Firmware Server Board S2600Wtt Firmware Server Board S1200Btlrm Firmware Server Board S1200Btlr Firmware Server Board S1200Btsr Firmware Server Board S1200Btl Firmware Server Board S1200Bts Firmware
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 12, 2023 - 15:15 nvd
MEDIUM 6.7

DescriptionNVD

Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.

AnalysisAI

Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-284. Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access. Affected products include: Intel Server Board S1200V3Rpl Firmware, Intel Server Board S1200V3Rpm Firmware, Intel Server Board S1200V3Rpo Firmware, Intel Server Board S1200V3Rps Firmware, Intel Server Board S1400Fp2 Firmware. Version information: version 0016.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-30768 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy