Intel Server Boards and Systems Privilege Escalation Vulnerability in Firmware Update Utility
Vulnerability
A vulnerability allowing privilege escalation has been identified in the System Firmware Update Utility (SysFwUpdt) for certain Intel Server Boards and Intel Server Systems, prior to version 16.0.12. This vulnerability arises from incorrect permission assignments for critical resources, which may be exploited by a system software adversary with privileged user access. The attack, characterized by low complexity, could potentially occur through local access, without special internal knowledge, and requires passive user interaction. If exploited, this vulnerability could significantly impact the system's confidentiality, integrity, and availability.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.
Remediation
Users are advised to update the System Firmware Update Utility (SysFwUpdt) for Intel Server Boards and Intel Server Systems to version 16.0.12 or later. The update is available for download from the Intel Download Center.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.