CVE-2019-11171

CWE-787Out-of-bounds Write3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.5%
top 32.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Baseboard Management Controller Firmware
Timeline
PublishedNov 14
Latest updateMay 24

Description

Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5intel(r)_bmcSee provided reference

🔴Vulnerability Details

2
GHSA
GHSA-c22w-rvfr-jr97: Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, e2022-05-24
CVEList
CVE-2019-11171: Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, e2019-11-14
CVE-2019-11171 (CRITICAL CVSS 9.8) | Heap corruption in Intel(R) Baseboa | cvebase.io