Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 12 Sep 2024 19:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Wed, 14 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Intel
Intel server Board S2600st Firmware
CPEs cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*
Vendors & Products Intel
Intel server Board S2600st Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 14 Aug 2024 14:00:00 +0000

Type Values Removed Values Added
Description Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access.
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2024-08-22T03:55:15.276Z

Reserved: 2024-03-15T03:00:05.755Z

Link: CVE-2024-28947

cve-icon Vulnrichment

Updated: 2024-08-14T14:09:44.466Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-14T14:15:26.017

Modified: 2024-09-12T18:52:38.433

Link: CVE-2024-28947

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.