What is the severity of CVE-2023-29164?

CVE-2023-29164 has a moderate severity level due to improper access control in the BMC Firmware.

How do I fix CVE-2023-29164?

To fix CVE-2023-29164, update the affected BMC Firmware to version 02.01.0017 or later, or version R01.01.0009 or later for Intel Server Boards M50CYP and D50TNP.

Which products are affected by CVE-2023-29164?

CVE-2023-29164 affects BMC Firmware for Intel Server Board S2600WF, S2600ST, S2600BP, M50CYP, and D50TNP before their respective patched versions.

What type of vulnerability is CVE-2023-29164?

CVE-2023-29164 is classified as an improper access control vulnerability.

Who is affected by CVE-2023-29164?

Authenticated users of the affected Intel Server Boards and BMC Firmware prior to the specified versions are vulnerable to CVE-2023-29164.

Vulnerability/
CVE-2023-29164

high

7.3

CWE

284

12/2/2025

13/2/2025

CVE-2023-29164

First published: Wed Feb 12 2025(Updated: )

Improper access control in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow an authenticated user to enable escalation of privilege via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
BMC Firmware	<02.01.0017
Intel Server Board S2600WF Firmware	<02.01.0017
Intel Server Board S2600ST Firmware	<02.01.0017
Intel Server Board S2600BPBR	<02.01.0017
Intel Server Board M50CYP	<R01.01.0009
Intel Server Board D50TNP	<R01.01.0009

Never miss a vulnerability like this again

Reference Links

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00990.html

Frequently Asked Questions

What is the severity of CVE-2023-29164?
CVE-2023-29164 has a moderate severity level due to improper access control in the BMC Firmware.
How do I fix CVE-2023-29164?
To fix CVE-2023-29164, update the affected BMC Firmware to version 02.01.0017 or later, or version R01.01.0009 or later for Intel Server Boards M50CYP and D50TNP.
Which products are affected by CVE-2023-29164?
CVE-2023-29164 affects BMC Firmware for Intel Server Board S2600WF, S2600ST, S2600BP, M50CYP, and D50TNP before their respective patched versions.
What type of vulnerability is CVE-2023-29164?
CVE-2023-29164 is classified as an improper access control vulnerability.
Who is affected by CVE-2023-29164?
Authenticated users of the affected Intel Server Boards and BMC Firmware prior to the specified versions are vulnerable to CVE-2023-29164.

collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/type
agent/description
agent/first-publish-date
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/last-modified-date
agent/severity
agent/source
agent/author
agent/tags
agent/event
vendor/bmc
canonical/bmc firmware
vendor/intel
canonical/intel server board s2600wf firmware
canonical/intel server board s2600st firmware
canonical/intel server board s2600bpbr
canonical/intel server board m50cyp
canonical/intel server board d50tnp

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.