1. Home
  2. CVE Database
  3. CVE-2018-12171
CRITICAL · 9.8

CVE-2018-12171

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of serv...

Vulnerability Description

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
IntelBmc Firmware< 1.43.91f76955
IntelBbs2600Bpb-
IntelBbs2600Bpq-
IntelBbs2600Bps-
IntelBbs2600Stb-
IntelBbs2600Stq-
IntelHns2600Bpb-
IntelHns2600Bpb24-
IntelHns2600Bpblc-
IntelHns2600Bpblc24-
IntelHns2600Bpq-
IntelHns2600Bpq24-
IntelHns2600Bps-
IntelHns2600Bps24-
IntelR1208Wftys-
IntelR1304Wf0Ys-
IntelR1304Wftys-
IntelR2208Wf0Zs-
IntelR2208Wfqzs-
IntelR2208Wftzs-

References

FAQ

What is CVE-2018-12171?

CVE-2018-12171 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of serv...

How severe is CVE-2018-12171?

CVE-2018-12171 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-12171?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Bmc Firmware, Intel Bbs2600Bpb, Intel Bbs2600Bpq, Intel Bbs2600Bps, Intel Bbs2600Stb.