A potential security vulnerability in the Intel® Server Board S2600ST & S2600WF families may allow escalation of privilege.** **Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2020-0572
Description: Improper input validation in the firmware for Intel® Server Board S2600ST & S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.5 High
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Intel® Server Board S2600ST family.
Intel® Server Board S2600WF family.
Intel recommends updating the Intel® Server Board S2600ST firmware to version 02.01.0011 or later and the Intel® Server Board S2600WF firmware to version 02.01.0012 or later.
Intel would like to thank Alexander Ermolov and Maksim Malyutin for reporting this issue.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.