Insufficient Access Protection in Intel Server Board Firmware: Potential Arbitrary Code Execution and Information Disclosure

Insufficient Access Protection in Intel Server Board Firmware: Potential Arbitrary Code Execution and Information Disclosure

CVE-2018-12173 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Learn more about our Cis Benchmark Audit For Server Software.