CVE-2023-29164 HIGH

CVE-2023-29164

Vendor N/A

Product Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP

Weakness CWE-284

Published February 12, 2025

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N

What the vulnerability does

01Description

Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow an authenticated user to enable escalation of privilege via local access.

Key dates

02Disclosure timeline

February 12, 2025 CVE published

February 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-29164

Related vulnerabilities

Identifiers

CVE CVE-2023-29164

CWE CWE-284

CVSS 7.3 / HIGH

Affected versions