What is the severity of CVE-2023-31276?

CVE-2023-31276 has been classified with a high severity rating due to the potential for a privileged user to exploit a heap-based buffer overflow.

How do I fix CVE-2023-31276?

To mitigate CVE-2023-31276, update the affected Intel Server Board firmware to version 02.01.0017 or later for S2600WF, S2600ST, S2600BP, and version R01.01.0009 or later for M50CYP and D50TNP.

Which Intel Server Boards are affected by CVE-2023-31276?

CVE-2023-31276 affects Intel Server Board S2600WF, S2600ST, S2600BP, M50CYP, and D50TNP prior to their respective patched firmware versions.

What type of vulnerability is CVE-2023-31276?

CVE-2023-31276 is a heap-based buffer overflow vulnerability that can be exploited by a privileged user.

Can CVE-2023-31276 allow unauthorized access?

While CVE-2023-31276 requires a privileged user to exploit it, it can potentially be used to escalate privileges and perform unauthorized actions.

Vulnerability/
CVE-2023-31276

high

8.4

CWE

122 119

12/2/2025

13/2/2025

CVE-2023-31276: Buffer Overflow

First published: Wed Feb 12 2025(Updated: )

Heap-based buffer overflow in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow a privileged user to enable escalation of privilege via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Server Board S2600WF Firmware	<02.01.0017
Intel Server Board S2600ST Firmware	<02.01.0017
Intel Server Board S2600BPBR	<02.01.0017
Intel M50cyp	<R01.01.0009
Intel Server Board D50TNP	<R01.01.0009

Never miss a vulnerability like this again

Reference Links

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00990.html

Frequently Asked Questions

What is the severity of CVE-2023-31276?
CVE-2023-31276 has been classified with a high severity rating due to the potential for a privileged user to exploit a heap-based buffer overflow.
How do I fix CVE-2023-31276?
To mitigate CVE-2023-31276, update the affected Intel Server Board firmware to version 02.01.0017 or later for S2600WF, S2600ST, S2600BP, and version R01.01.0009 or later for M50CYP and D50TNP.
Which Intel Server Boards are affected by CVE-2023-31276?
CVE-2023-31276 affects Intel Server Board S2600WF, S2600ST, S2600BP, M50CYP, and D50TNP prior to their respective patched firmware versions.
What type of vulnerability is CVE-2023-31276?
CVE-2023-31276 is a heap-based buffer overflow vulnerability that can be exploited by a privileged user.
Can CVE-2023-31276 allow unauthorized access?
While CVE-2023-31276 requires a privileged user to exploit it, it can potentially be used to escalate privileges and perform unauthorized actions.

agent/weakness
agent/references
agent/type
agent/description
agent/first-publish-date
agent/softwarecombine
collector/nvd-api
source/NVD
agent/severity
agent/source
agent/author
agent/event
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/intel
canonical/intel server board s2600wf firmware
canonical/intel server board s2600st firmware
canonical/intel server board s2600bpbr
canonical/intel m50cyp
canonical/intel server board d50tnp

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.