Vulnerabilities > CVE-2019-0099 - Unspecified vulnerability in Intel Server Platform Services Firmware

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

intel

NVD

Published: 2019-05-17

Updated: 2020-08-24

Summary

Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Server Platform Services Firmware 3.0.6.267.4 Intel Server Platform Services Firmware 4.0 Intel Server Platform Services Firmware 4.00.04.367 Intel Server Platform Services Firmware 4.00.04.382 Intel Server Platform Services Firmware 4.00.04.383 Intel Server Platform Services Firmware 4.01.00.152.0 Intel Server Platform Services Firmware 4.01.02.173 Intel Server Platform Services Firmware 4.01.02.174 Intel Server Platform Services Firmware 5.00.04.012 Intel Server Platform Services Firmware Sps_E3_04.01.00.000.0 Intel Server Platform Services Firmware Sps_E3_04.01.04.085.0 Intel Server Platform Services Firmware Sps_E3_04.01.04.086.0 Intel Server Platform Services Firmware Sps_E3_04.01.04.700.0	13

Summary

Vulnerable Configurations

References