CVE-2020-12374: Buffer Overflow
First published: Fri Feb 19 2021(Updated: )
Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Bmc Firmware | <2.47 | |
| Intel Hns2600bpb | ||
| Intel Hns2600bpb24 | ||
| Intel Hns2600bpblc | ||
| Intel Hns2600bpblc24 | ||
| Intel Hns2600bpq | ||
| Intel Hns2600bpq24 | ||
| Intel Hns2600bps | ||
| Intel Hns2600bps24 | ||
| Intel R1208wfqysr | ||
| Intel R1208wftys | ||
| Intel R1208wftysr | ||
| Intel R1304wf0ys | ||
| Intel R1304wf0ysr | ||
| Intel R1304wftys | ||
| Intel R1304wftysr | ||
| Intel R2208wf0zs | ||
| Intel R2208wf0zsr | ||
| Intel R2208wfqzs | ||
| Intel R2208wfqzsr | ||
| Intel R2208wftzs | ||
| Intel R2208wftzsr | ||
| Intel R2224wfqzs | ||
| Intel R2224wftzs | ||
| Intel R2224wftzsr | ||
| Intel R2308wftzs | ||
| Intel R2308wftzsr | ||
| Intel R2312wf0np | ||
| Intel R2312wf0npr | ||
| Intel R2312wfqzs | ||
| Intel R2312wftzs | ||
| Intel R2312wftzsr | ||
| Intel S2600stb | ||
| Intel S2600stq | ||
| Intel S2600wf0 | ||
| Intel S2600wfq | ||
| Intel S2600wft |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-12374?
CVE-2020-12374 is a buffer overflow vulnerability in the BMC firmware for some Intel Server Boards, Server Systems, and Compute Modules.
What is the severity of CVE-2020-12374?
The severity of CVE-2020-12374 is medium with a CVSS score of 6.7.
How can a privileged user potentially exploit CVE-2020-12374?
A privileged user can potentially enable escalation of privilege via local access.
Which software versions are affected by CVE-2020-12374?
BMC firmware versions before 2.47 on some Intel Server Boards, Server Systems, and Compute Modules are affected by CVE-2020-12374.
Where can I find more information about CVE-2020-12374?
You can find more information about CVE-2020-12374 on the Intel Security Center advisory page: [Link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html)
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/weakness
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel bmc firmware
- canonical/intel hns2600bpb
- canonical/intel hns2600bpb24
- canonical/intel hns2600bpblc
- canonical/intel hns2600bpblc24
- canonical/intel hns2600bpq
- canonical/intel hns2600bpq24
- canonical/intel hns2600bps
- canonical/intel hns2600bps24
- canonical/intel r1208wfqysr
- canonical/intel r1208wftys
- canonical/intel r1208wftysr
- canonical/intel r1304wf0ys
- canonical/intel r1304wf0ysr
- canonical/intel r1304wftys
- canonical/intel r1304wftysr
- canonical/intel r2208wf0zs
- canonical/intel r2208wf0zsr
- canonical/intel r2208wfqzs
- canonical/intel r2208wfqzsr
- canonical/intel r2208wftzs
- canonical/intel r2208wftzsr
- canonical/intel r2224wfqzs
- canonical/intel r2224wftzs
- canonical/intel r2224wftzsr
- canonical/intel r2308wftzs
- canonical/intel r2308wftzsr
- canonical/intel r2312wf0np
- canonical/intel r2312wf0npr
- canonical/intel r2312wfqzs
- canonical/intel r2312wftzs
- canonical/intel r2312wftzsr
- canonical/intel s2600stb
- canonical/intel s2600stq
- canonical/intel s2600wf0
- canonical/intel s2600wfq
- canonical/intel s2600wft