A potential security vulnerability in some Intel® Server Platform Services (SPS) firmware may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2023-29153
Description: Uncontrolled resource consumption for some Intel® SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to potentially enable denial of service via network access.
CVSS Base Score: 4.9 Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Intel® SPS before SPS_E5_06.01.04.002.0.
Intel recommends that users of Intel® SPS update to the latest version provided by the system manufacturer that addresses these issues.
This issue was found internally by Intel. Intel would like to thank Tomasz Bagniuk, Piotr Dorozynski, and Witold Kryszak.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.