CVE-2024-31158

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 13, 2024
Updated: Nov 15, 2024
CWE ID 20

Summary

CVE-2024-31158 is a newly disclosed vulnerability affecting certain Intel(R) Server Board S2600BP Family products. The issue stems from improper input validation in the UEFI firmware, which could potentially enable a privileged user to escalate their privileges through local access. This vulnerability poses a significant risk to system security if exploited successfully, and affected organizations are urged to apply the forthcoming patch as soon as it becomes available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share