Vulnerability Description
Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | S2600Stqr Firmware | < 02.01.0012 |
| Intel | S2600Stqr | - |
| Intel | S2600Stbr Firmware | < 02.01.0012 |
| Intel | S2600Stbr | - |
| Intel | S2600Bpsr Firmware | < 02.01.0012 |
| Intel | S2600Bpsr | - |
| Intel | S2600Bpbr Firmware | < 02.01.0012 |
| Intel | S2600Bpbr | - |
| Intel | S2600Bpqr Firmware | < 02.01.0012 |
| Intel | S2600Bpqr | - |
| Intel | S2600Wftr Firmware | < 02.01.0012 |
| Intel | S2600Wftr | - |
| Intel | S2600Wf0R Firmware | < 02.01.0012 |
| Intel | S2600Wf0R | - |
| Intel | S2600Wfqr Firmware | < 02.01.0012 |
| Intel | S2600Wfqr | - |
Related Weaknesses (CWE)
References
- https://security.netapp.com/advisory/ntap-20200814-0001/Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.PatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20200814-0001/Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.PatchVendor Advisory
FAQ
What is CVE-2020-12299?
CVE-2020-12299 is a vulnerability with a CVSS score of 8.2 (HIGH). Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
How severe is CVE-2020-12299?
CVE-2020-12299 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-12299?
Check the references section above for vendor advisories and patch information. Affected products include: Intel S2600Stqr Firmware, Intel S2600Stqr, Intel S2600Stbr Firmware, Intel S2600Stbr, Intel S2600Bpsr Firmware.