Vulnerabilities > CVE-2020-8732 - Out-of-bounds Write vulnerability in Intel products

CVSS 5.8 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

intel

CWE-787

NVD

Published: 2020-08-13

Updated: 2020-08-17

Summary

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Server Board S2600Wt Firmware * Intel Server System R1000Wt Firmware * Intel Server System R2000Wt Firmware * Intel Server Board S2600Cw * Intel Compute Module Hns2600Kp Firmware * Intel Server Board S2600Kp Firmware * Intel Compute Module Hns2600Tp Firmware * Intel Compute Module S2600Tp Firmware * Intel Server Board S1200Sp Firmware * Intel Server System Lr1304Sp Firmware * Intel Server System Lsvrp Firmware * Intel Server System R1000Sp Firmware * Intel Server Board S2600Wf Firmware * Intel Server System R1000Wf Firmware * Intel Server System R2000Wf Firmware * Intel Server Board S2600St Firmware * Intel Compute Module Hns2600Bp Firmware * Intel Server Board S2600Bp Firmware *	18
Hardware	Intel Intel Server Board S2600Wt2 - Intel Server Board S2600Wt2R - Intel Server Board S2600Wtt - Intel Server Board S2600Wttr - Intel Server System R1208Wt2Gs - Intel Server System R1208Wt2Gsr - Intel Server System R1208Wttgs - Intel Server System R1208Wttgsbpp - Intel Server System R1208Wttgsr - Intel Server System R1304Wt2Gs - Intel Server System R1304Wt2Gsr - Intel Server System R1304Wttgs - Intel Server System R1304Wttgsr - Intel Server System R2208Wt2Ys - Intel Server System R2208Wt2Ysr - Intel Server System R2208Wttyc1 - Intel Server System R2208Wttyc1R - Intel Server System R2208Wttys - Intel Server System R2208Wttysr - Intel Server System R2224Wttys - Intel Server System R2224Wttysr - Intel Server System R2308Wttys - Intel Server System R2308Wttysr - Intel Server System R2312Wttys - Intel Server System R2312Wttysr - Intel Compute Module Hns2600Kp - Intel Compute Module Hns2600Kpf - Intel Compute Module Hns2600Kpfr - Intel Compute Module Hns2600Kpr - Intel Server Board S2600Kp - Intel Server Board S2600Kpf - Intel Server Board S2600Kpfr - Intel Server Board S2600Kpr - Intel Server Board S2600Kptr - Intel Compute Module Hns2600Tp - Intel Compute Module Hns2600Tp24R - Intel Compute Module Hns2600Tp24Sr - Intel Compute Module Hns2600Tpf - Intel Compute Module Hns2600Tpfr - Intel Compute Module Hns2600Tpr - Intel Server Board S2600Tp - Intel Server Board S2600Tpf - Intel Server Board S2600Tpfr - Intel Server Board S2600Tpr - Intel Server Board S1200Spl - Intel Server Board S1200Splr - Intel Server Board S1200Spo - Intel Server Board S1200Spor - Intel Server Board S1200Sps - Intel Server Board S1200Spsr - Intel Server System Lr1304Spcfg1 - Intel Server System Lr1304Spcfg1R - Intel Server System Lr1304Spcfsgx1 - Intel Server System Lsvrp4304Es6Xx1 - Intel Server System Lsvrp4304Es6Xxr - Intel Server System R1208Sposhor - Intel Server System R1208Sposhorr - Intel Server System R1304Sposhbn - Intel Server System R1304Sposhbnr - Intel Server System R1304Sposhor - Intel Server System R1304Sposhorr - Intel Server Board S2600Wf0 - Intel Server Board S2600Wf0R - Intel Server Board S2600Wfq - Intel Server Board S2600Wfqr - Intel Server Board S2600Wft - Intel Server Board S2600Wftr - Intel Server System Lnetcnt3Y - Intel Server System Mcb2208Wfaf4 - Intel Server System Mcb2208Wfaf5 - Intel Server System Mcb2208Wfaf6 - Intel Server System Mcb2208Wfhy2 - Intel Server System Nb2208Wfqnfvi - Intel Server System R1208Wfqysr - Intel Server System R1208Wftys - Intel Server System R1208Wftysr - Intel Server System R1304Wf0Ys - Intel Server System R1304Wf0Ysr - Intel Server System R1304Wftys - Intel Server System R1304Wftysr - Intel Server System R2208Wf0Zs - Intel Server System R2208Wf0Zsr - Intel Server System R2208Wfqzs - Intel Server System R2208Wfqzsr - Intel Server System R2208Wftzs - Intel Server System R2208Wftzsr - Intel Server System R2224Wfqzs - Intel Server System R2224Wftzs - Intel Server System R2224Wftzsr - Intel Server System R2308Wftzs - Intel Server System R2308Wftzsr - Intel Server System R2312Wf0Np - Intel Server System R2312Wf0Npr - Intel Server System R2312Wfqzs - Intel Server System R2312Wftzs - Intel Server System R2312Wftzsr - Intel Server System Vrn2208Waf6 - Intel Server System Vrn2208Wfaf81 - Intel Server System Vrn2208Wfaf82 - Intel Server System Vrn2208Wfaf83 - Intel Server System Vrn2208Wfhy6 - Intel Server Board S2600Stb - Intel Server Board S2600Stbr - Intel Server Board S2600Stq - Intel Server Board S2600Stqr - Intel Compute Module Hns2600Bpb - Intel Compute Module Hns2600Bpb24 - Intel Compute Module Hns2600Bpb24R - Intel Compute Module Hns2600Bpblc - Intel Compute Module Hns2600Bpblc24 - Intel Compute Module Hns2600Bpblc24R - Intel Compute Module Hns2600Bpblcr - Intel Compute Module Hns2600Bpbr - Intel Compute Module Hns2600Bpq - Intel Compute Module Hns2600Bpq24 - Intel Compute Module Hns2600Bpq24R - Intel Compute Module Hns2600Bpqr - Intel Compute Module Hns2600Bps - Intel Compute Module Hns2600Bps24 - Intel Compute Module Hns2600Bps24R - Intel Compute Module Hns2600Bpsr - Intel Server Board S2600Bpb - Intel Server Board S2600Bpbr - Intel Server Board S2600Bpq - Intel Server Board S2600Bpqr - Intel Server Board S2600Bps - Intel Server Board S2600Bpsr -	127
Application	Intel Intel Server Board S2600Cw2 - Intel Server Board S2600Cw2R - Intel Server Board S2600Cw2S - Intel Server Board S2600Cw2Sr - Intel Server Board S2600Cwt - Intel Server Board S2600Cwtr - Intel Server Board S2600Cwts - Intel Server Board S2600Cwtsr -	8

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References