Critical Flaw Found in Intel Server Board Firmware – Update Now!

CVECVE-2023-22661
CVSScvssV3_1: 8.2
SourceCVE-2023-22661

Intel has disclosed a buffer overflow vulnerability in the BMC (Baseboard Management Controller) firmware used on some of their server boards. The BMC is a chip used for remote management of servers and works independently of the main server firmware/OS.

An attacker with local access to the server via a physical console or remote management interface could potentially exploit this flaw. By sending a specially crafted request, they may be able to overflow a buffer and execute arbitrary code with root/administrator privileges on the BMC. This would allow complete takeover of the remote management functions.

While remote code execution on the BMC alone may not immediately compromise the main server OS, it could be used as a stepping stone for further attacks. The attacker would then have a way to persist even if the server is rebooted or its OS is reinstalled. They could also potentially access and leak sensitive diagnostic information, firmware updates or interrupt normal server operations.

The CVSS score of 8.2 indicates this vulnerability is considered highly critical. Intel has released updated firmware versions to address this issue. Server administrators should check if their Intel server boards are affected and upgrade the BMC firmware to the latest version immediately. Enabling strong passwords, disabling unnecessary services and keeping systems up-to-date can help mitigate risks from exploits of this vulnerability.

References