Risk | Low |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2020-24474, CVE-2020-24473, CVE-2020-24475 |
CWE-ID | CWE-119, CWE-665 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software | Intel Server System R1000WF (Hardware solutions / Firmware); Intel Server System R2000WF (Hardware solutions / Firmware); Intel Server Board S2600WF (Hardware solutions / Firmware); Intel Server Board S2600ST (Hardware solutions / Firmware); Intel Compute Module HNS2600BP (Hardware solutions / Firmware); Intel Server Board S2600BP (Hardware solutions / Firmware); Baseboard Management Controller (BMC) (Hardware solutions / Firmware) |
Vendor | Intel |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU54153
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24474
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists due to a boundary error in the BMC firmware for some Intel Server Boards, Server Systems and Compute Modules. An authenticated attacker on the local network can trigger memory corruption and gain elevated privileges on the system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Intel Server System R1000WF: All versions
Intel Server System R2000WF: All versions
Intel Server Board S2600WF: All versions
Intel Server Board S2600ST: All versions
Intel Compute Module HNS2600BP: All versions
Intel Server Board S2600BP: All versions
Baseboard Management Controller (BMC): before 2.48.ce3e3bd2
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54154
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24473
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the BMC firmware for some Intel Server Boards, Server Systems and Compute Modules. A local user can trigger memory corruption and gain elevated privileges on the system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Intel Server System R1000WF: All versions
Intel Server System R2000WF: All versions
Intel Server Board S2600WF: All versions
Intel Server Board S2600ST: All versions
Intel Compute Module HNS2600BP: All versions
Intel Server Board S2600BP: All versions
Baseboard Management Controller (BMC): before 2.48.ce3e3bd2
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54155
Risk: Low
CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24475
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper initialization in the BMC firmware for some Intel Server Boards, Server Systems and Compute Modules. A local administrator can gain elevated privileges on the system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Intel Server System R1000WF: All versions
Intel Server System R2000WF: All versions
Intel Server Board S2600WF: All versions
Intel Server Board S2600ST: All versions
Intel Compute Module HNS2600BP: All versions
Intel Server Board S2600BP: All versions
Baseboard Management Controller (BMC): before 2.48.ce3e3bd2
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.