CVE-2020-12380

Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.

Published: Feb 17, 2021
Updated: Apr 13, 2023
CVE: CVE-2020-12380
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
intel / bmc_firmware	-	2.47

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00434.html

Vulnerability Database

290,206

CVE-2020-12380