CVE-2018-12173
published 2018-10-10CVE-2018-12173: Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an…
high7.6CVSS 3.0
AVPACLPRNUINSCCHIHAH
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| intel | compute_module_hns2600bp_firmware | < 00.01.0014 | 00.01.0014 |
| intel | compute_module_hns2600bpr_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600bp_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600bpr_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600st_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600str_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600wf_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_board_s2600wfr_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_h2000g_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_h2000gr_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_r1000wf_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_r1000wfr_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_r2000wf_firmware | < 00.01.0014 | 00.01.0014 |
| intel | server_system_r2000wfr_firmware | < 00.01.0014 | 00.01.0014 |
| intel_corporation | intel_server_boards_firmware | — | — |