What is CVE-2018-12171?

CVE-2018-12171 is a critical-severity vulnerability in Intel Bbs2600bpb. CVSS score: 9.8/10. Published 2018-09-12.

How severe is CVE-2018-12171?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Intel Bbs2600bpb

CVE-2018-12171

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.

EPSS: 0.021 (79.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Bbs2600bpb
Intel Bbs2600bpq
Intel Bbs2600bps
Intel Bbs2600stb
Intel Bbs2600stq
Intel Bmc_firmware
Intel Hns2600bpb
Intel Hns2600bpb24
Intel Hns2600bpblc
Intel Hns2600bpblc24

References

secure@intel.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-12171?: CVE-2018-12171 is a critical-severity vulnerability in Intel Bbs2600bpb. CVSS score: 9.8/10. Published 2018-09-12.
How severe is CVE-2018-12171?: Critical severity. CVSS v3 base score is 9.8 out of 10.