First published: Wed Jun 09 2021(Updated: )
Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access.
Credit: secure@intel.com
Affected Software | Affected Version | How to fix |
---|---|---|
Intel Baseboard Management Controller Firmware | <2.48.ce3e3bd2 | |
Intel Compute Module HNS2600BPB24R Firmware | ||
Intel Compute Module hns2600bpbr | ||
Intel compute module hns2600bpq24r firmware | ||
Intel Compute Module hns2600bpqr | ||
Intel Compute Module HNS2600BPS24R Firmware | ||
Intel Compute Module hns2600bpsr | ||
Intel Server Board S2600BPB Firmware | ||
Intel Server Board S2600BPBR | ||
Intel Server Board S2600BPQ | ||
Intel S2600BPQR Firmware | ||
Intel Server Board S2600BPS Firmware | ||
Intel Server Board S2600BPSR Firmware | ||
Intel BBS2600STB | ||
Intel S2600STBR Firmware | ||
Intel Server Board S2600STQ | ||
Intel BBS2600STQR | ||
Intel S2600WF0 | ||
Intel Server Board S2600WF0R | ||
Intel S2600WFQ | ||
Intel S2600WFQR Firmware | ||
Intel S2600WFT | ||
Intel S2600WFTR | ||
Intel Server System R1208WFQYSR | ||
Intel Server System R1208WFTYSR | ||
Intel HPCR1208WFTYSR | ||
Intel Server System R1304WF0YS | ||
Intel Server System R1304WF0YSR | ||
Intel Server System R1304WFTYS | ||
Intel Server System R1304WFTYS | ||
Intel Server System R2208WF0ZS | ||
Intel hpcr2208wf0zsr | ||
Intel Server System R2208WFQZS | ||
Intel Server System R2208WFQZSR | ||
Intel Server System R2208WF TZS | ||
Intel Server System R2208WF TZS | ||
Intel Server System R2224WFQZS | ||
Intel R2224WFTZS | ||
Intel hpcr2224wftzsr | ||
Intel Server System R2308WFTZS | ||
Intel R2308WFTZSR | ||
Intel Server System R2312WF0NP | ||
Intel Server System R2312WF0NPR | ||
Intel Server System R2312WFQZS | ||
Intel hpcr2312wftzsr | ||
Intel Server System R2312WFTZSR |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-24475 refers to an improper initialization vulnerability in the BMC firmware for certain Intel Server Boards, Server Systems, and Compute Modules.
The severity of CVE-2020-24475 is medium with a CVSS score of 5.5.
CVE-2020-24475 may allow an authenticated user to potentially enable denial of service via local access.
To fix CVE-2020-24475, update the BMC firmware to version 2.48.ce3e3bd2 or later.
You can find more information about CVE-2020-24475 on the Intel Security Center Advisory page: [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00476.html)