CVE-2020-12374

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 76.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel BMC Firmware
Timeline
PublishedFeb 19
Latest updateMay 24

Description

Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

NVDintel/bmc_firmware< 2.47

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
GHSA
GHSA-xwxx-8397-833r: Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 22022-05-24
CVEList
CVE-2020-12374: Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 22021-02-19
CVE-2020-12374 (MEDIUM CVSS 6.7) | Buffer overflow in the BMC firmware | cvebase.io