Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intel bmc firmware vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-24473
Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Baseboard Management Controller Firmware
7.8
CVSSv3
CVE-2020-12377
Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Bmc Firmware
7.8
CVSSv3
CVE-2020-12380
Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Bmc Firmware
7.5
CVSSv3
CVE-2020-11487
NVIDIA DGX servers, DGX-1 with BMC firmware versions before 3.38.30. DGX-2 with BMC firmware versions before 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak c...
Intel Bmc Firmware
7.5
CVSSv3
CVE-2020-11616
NVIDIA DGX servers, all BMC firmware versions before 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to...
Intel Bmc Firmware
7.5
CVSSv3
CVE-2020-11615
NVIDIA DGX servers, all BMC firmware versions before 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.
Intel Bmc Firmware
7.5
CVSSv3
CVE-2020-11489
NVIDIA DGX servers, all DGX-1 with BMC firmware versions before 3.38.30 and all DGX-2 with BMC firmware versions before 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
Intel Bmc Firmware
7.5
CVSSv3
CVE-2013-4786
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote malicious users to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
Oracle Fujitsu M10 Firmware
Intel Intelligent Platform Management Interface 2.0
1 EDB exploit
1 Github repository
7.1
CVSSv3
CVE-2023-22442
Out of bounds write in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Intel Server System D50tnp1mhcrlc Firmware
Intel Server System D50tnp1mhcpac Firmware
Intel Server System D50tnp2mhsvac Firmware
Intel Server System D50tnp2mhstac Firmware
Intel Server System D50tnp1mhcrac Firmware
Intel Server System D50tnp2mfalac Firmware
Intel Server System M50cyp1ur204 Firmware
Intel Server System M50cyp1ur212 Firmware
Intel Server System M50cyp2ur312 Firmware
Intel Server System M50cyp2ur208 Firmware
6.7
CVSSv3
CVE-2023-25545
Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.
Intel Server System D50tnp1mhcrlc Firmware
Intel Server System D50tnp1mhcpac Firmware
Intel Server System D50tnp2mhsvac Firmware
Intel Server System D50tnp2mhstac Firmware
Intel Server System D50tnp1mhcrac Firmware
Intel Server System D50tnp2mfalac Firmware
Intel Server System M50cyp1ur204 Firmware
Intel Server System M50cyp1ur212 Firmware
Intel Server System M50cyp2ur312 Firmware
Intel Server System M50cyp2ur208 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »