high
7.6
CWE
732
Advisory Published
Updated

CVE-2018-12173

First published: Wed Oct 10 2018(Updated: )

Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.

Credit: secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel S2600BP Firmware<00.01.0014
Intel Server Board S2600BPBR
Intel Server Board S2600WF0R<00.01.0014
Intel Server Board S2600WF Firmware
Intel Server Board S2600ST Firmware<00.01.0014
Intel Server Board S2600ST Firmware
Intel Server Board S2600BPR Firmware<00.01.0014
Intel Server Board S2600BPR Firmware
Intel Server Board S2600WFR Firmware<00.01.0014
Intel Server Board S2600WFR Firmware
Intel Server Board S2600STR Firmware<00.01.0014
Intel Server Board S2600STR Firmware
Intel Compute Module hns2600bp firmware<00.01.0014
Intel Compute Module hns2600bp firmware
Intel Compute Module hns2600bpr firmware<00.01.0014
Intel Compute Module hns2600bpr firmware
Intel R2000WF firmware<00.01.0014
Intel Server System r2000wf firmware
Intel R1000WF Firmware<00.01.0014
Intel Server System r1000wf firmware
Intel Server System R1000WF<00.01.0014
Intel Server System R1000WFR
Intel Server System R2000WF<00.01.0014
Intel Server System R2000WF
Intel Server System H2000G Firmware<00.01.0014
Intel Server System H2000G Firmware
Intel Server System H2000GR Firmware<00.01.0014
Intel Server System H2000GR Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2018-12173?

    CVE-2018-12173 is a vulnerability in the firmware of Intel Server Board, Intel Server System, and Intel Compute Module that may allow an unauthenticated attacker to execute arbitrary code, leading to information disclosure, privilege escalation, and denial of service.

  • How does CVE-2018-12173 affect Intel Server Board S2600bp firmware?

    CVE-2018-12173 affects Intel Server Board S2600bp firmware versions up to exclusive version 00.01.0014, potentially allowing an unauthenticated attacker to execute arbitrary code and gain unauthorized access.

  • How can I fix CVE-2018-12173 on Intel Server Board S2600bp firmware?

    To fix CVE-2018-12173 on Intel Server Board S2600bp firmware, update to firmware version 00.01.0014 or newer.

  • What is the severity of CVE-2018-12173?

    CVE-2018-12173 has a severity rating of 7.6, which is considered high.

  • Where can I find more information about CVE-2018-12173?

    You can find more information about CVE-2018-12173 on the official Intel Security Center Advisory page and the Lenovo Solutions page.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203