Intel Server Firmware Update Utility Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in Intel Server Firmware Update Utility (SysFwUpdt) versions prior to 16.0.12. This vulnerability arises from improper input validation and may allow a system software adversary with privileged user access to escalate privileges. The issue can potentially be exploited through local access, without special internal knowledge, and requires no user interaction. The vulnerability could impact the confidentiality, integrity, and availability of the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.

Remediation

Users are advised to update the Intel Server Firmware Update Utility to version 16.0.12 or later. The update is available for download from the Intel Download Center. Additionally, users of Intel Server Board M50CYP Family, D50TNP Family, D50DNP Family, and M50FCP Family should update to the latest versions of the BIOS and System Firmware Update Package (SFUP) available for their respective boards.