HIGH✓ PATCH🇬🇧 English

CVE-2024-39609

CVSS 8.7v4.0pub. 2024-11-13upd. 2024-11-19

Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Intel Server Board M70klp2sb

    HW
    Intel
    wszystkie wersje
  • Intel Server Board M70klp2sb Firmware

    OS
    Intel
    < 01.04.0030
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2022-24379HIGH7.5ten sam produkt

Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029...

CVE-2022-29262HIGH7.9ten sam produkt

Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potent...

CVE-2022-29510HIGH7.5ten sam produkt

Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may al...

CVE-2022-33945HIGH8.2ten sam produkt

Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a p...

CVE-2023-34431HIGH8.2ten sam produkt

Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potential...

CVE-2024-39609 — HIGH 8.7 | CVEbaza.pl