Risk | High |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2024-22382 CVE-2024-23487 CVE-2024-24981 CVE-2024-23980 CVE-2024-22095 CVE-2023-22662 |
CWE-ID | CWE-20 CWE-119 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | UEFI firmware, Intel Server D50DNP, Intel Server M50FCP, Intel Server D50FCP, Intel Server Board S2600BP (all in category Hardware solutions / Firmware) |
Vendor | Intel |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU89747
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22382
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the PprRequestLog module. A local administrator can pass specially crafted input to the application and gain elevated privileges.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server D50DNP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89749
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-23487
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the UserAuthenticationSmm driver. A local administrator can pass specially crafted input to the application and gain elevated privileges.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server D50DNP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89750
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-24981
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the PfrSmiUpdateFw driver. A local administrator can pass specially crafted input to the application and gain elevated privileges.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server M50FCP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89751
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23980
CWE-ID: CWE-119 - Memory corruption
Exploit availability: No
Description: The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PlatformPfrDxe driver. A local administrator can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server D50FCP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89754
Risk: Low
CVSSv4.0: 2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22095
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the PlatformVariableInitDxe driver. A local administrator can pass specially crafted input to the application and gain elevated privileges.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server D50DNP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89755
Risk: Low
CVSSv4.0: 0.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-22662
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in EpsdSrMgmtConfig. A local administrator can pass specially crafted input to the application and perform a denial of service (DoS) attack.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
UEFI firmware: All versions
Intel Server Board S2600BP: All versions
External links: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.