CVE-2023-30768 — HIGH (7.7)

Q: How severe is CVE-2023-30768?

CVE-2023-30768 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-30768?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Server Board S1200V3Rpl Firmware, Intel Server Board S1200V3Rpl, Intel Server Board S1200V3Rpm Firmware, Intel Server Board S1200V3Rpm, Intel Server Board S1200V3Rpo Firmware.

Vulnerability Description

Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Intel	Server Board S1200V3Rpl Firmware	< 0006
Intel	Server Board S1200V3Rpl	-
Intel	Server Board S1200V3Rpm Firmware	< 0006
Intel	Server Board S1200V3Rpm	-
Intel	Server Board S1200V3Rpo Firmware	< 0006
Intel	Server Board S1200V3Rpo	-
Intel	Server Board S1200V3Rps Firmware	< 0006
Intel	Server Board S1200V3Rps	-
Intel	Server Board S1400Fp2 Firmware	< 0005
Intel	Server Board S1400Fp2	-
Intel	Server Board S1400Fp4 Firmware	< 0005
Intel	Server Board S1400Fp4	-
Intel	Server Board S1400Sp4 Firmware	< 0005
Intel	Server Board S1400Sp4	-
Intel	Server Board S1400Sp2 Firmware	< 0005
Intel	Server Board S1400Sp2	-
Intel	Server Board S1600Jp2 Firmware	< 0005
Intel	Server Board S1600Jp2	-
Intel	Server Board S1600Jp4 Firmware	< 0005
Intel	Server Board S1600Jp4	-

Related Weaknesses (CWE)

CWE-284

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.MitigationVendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.MitigationVendor Advisory

FAQ

What is CVE-2023-30768?

CVE-2023-30768 is a vulnerability with a CVSS score of 7.7 (HIGH). Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalat...

How severe is CVE-2023-30768?

CVE-2023-30768 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-30768?

Check the references section above for vendor advisories and patch information. Affected products include: Intel Server Board S1200V3Rpl Firmware, Intel Server Board S1200V3Rpl, Intel Server Board S1200V3Rpm Firmware, Intel Server Board S1200V3Rpm, Intel Server Board S1200V3Rpo Firmware.