7.7
HIGH
CVE-2023-30768
Intel Server Board S2600WT BIOS Privilege Escalation Vulnerability
Description

Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.

INFO

Published Date :

May 12, 2023, 3:15 p.m.

Last Modified :

Nov. 7, 2023, 4:14 a.m.

Remotely Exploitable :

No

Impact Score :

6.0

Exploitability Score :

1.1
Affected Products

The following products are affected by CVE-2023-30768 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Intel server_board_s1200v3rpl_firmware
2 Intel server_board_s1200v3rpm_firmware
3 Intel server_board_s1200v3rpo_firmware
4 Intel server_board_s1200v3rps_firmware
5 Intel server_board_s1400fp2_firmware
6 Intel server_board_s1400fp4_firmware
7 Intel server_board_s1400sp4_firmware
8 Intel server_board_s1400sp2_firmware
9 Intel server_board_s1600jp2_firmware
10 Intel server_board_s1600jp4_firmware
11 Intel server_board_s2400bb4_firmware
12 Intel server_board_s2400ep2_firmware
13 Intel server_board_s2400ep4_firmware
14 Intel server_board_s2400sc2_firmware
15 Intel server_board_s2600co4_firmware
16 Intel server_board_s2600coe_firmware
17 Intel server_board_s2600coeioc_firmware
18 Intel server_board_s2600cp2_firmware
19 Intel server_board_s2600cp2ioc_firmware
20 Intel server_board_s2600cp2j_firmware
21 Intel server_board_s2600cp4_firmware
22 Intel server_board_s2600cp4ioc_firmware
23 Intel server_board_s2600gl_firmware
24 Intel server_board_s2600gz_firmware
25 Intel server_board_s2600ip4_firmware
26 Intel server_board_s2600ip4l_firmware
27 Intel workstation_board_w2600cr2_firmware
28 Intel workstation_board_w2600cr2l_firmware
29 Intel server_board_s2600jf_firmware
30 Intel server_board_s2600wp_firmware
31 Intel server_board_s4600lh2_firmware
32 Intel server_board_s4600lt2_firmware
33 Intel server_board_s2600wpf_firmware
34 Intel server_board_s2600wpq_firmware
35 Intel server_board_s2600jff_firmware
36 Intel server_board_s2600jfq_firmware
37 Intel server_board_s2600cw2r_firmware
38 Intel server_board_s2600cw2sr_firmware
39 Intel server_board_s2600cwtr_firmware
40 Intel server_board_s2600cwtsr_firmware
41 Intel server_board_s2600cw2s_firmware
42 Intel server_board_s2600cwt_firmware
43 Intel server_board_s2600cwts_firmware
44 Intel server_board_s2600cw2_firmware
45 Intel server_board_s2600kpfr_firmware
46 Intel server_board_s2600kpr_firmware
47 Intel server_board_s2600kptr_firmware
48 Intel server_board_s2600kp_firmware
49 Intel server_board_s2600kpf_firmware
50 Intel server_board_s2600tpnr_firmware
51 Intel server_board_s2600tpfr_firmware
52 Intel server_board_s2600tpr_firmware
53 Intel server_board_s2600tpf_firmware
54 Intel server_board_s2600tp_firmware
55 Intel server_board_s2600wtts1r_firmware
56 Intel server_board_s2600wt2r_firmware
57 Intel server_board_s2600wttr_firmware
58 Intel server_board_s2600wt2_firmware
59 Intel server_board_s2600wtt_firmware
60 Intel server_board_s1200btlrm_firmware
61 Intel server_board_s1200btlr_firmware
62 Intel server_board_s1200btsr_firmware
63 Intel server_board_s1200btl_firmware
64 Intel server_board_s1200bts_firmware
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-30768.

URL Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.html Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-30768 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-30768 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Added CWE Intel Corporation CWE-284
  • Initial Analysis by [email protected]

    May. 24, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.html No Types Assigned https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00056.html Mitigation, Vendor Advisory
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200v3rpl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0006 OR cpe:2.3:h:intel:server_board_s1200v3rpl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200v3rpm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0006 OR cpe:2.3:h:intel:server_board_s1200v3rpm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200v3rpo_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0006 OR cpe:2.3:h:intel:server_board_s1200v3rpo:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200v3rps_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0006 OR cpe:2.3:h:intel:server_board_s1200v3rps:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1400fp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1400fp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1400fp4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1400fp4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1400sp4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1400sp4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1400sp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1400sp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1600jp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1600jp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1600jp4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s1600jp4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2400bb4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2400bb4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2400bb4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2400bb4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2400ep2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2400ep2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2400ep4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2400ep4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2400sc2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2400sc2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600co4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600co4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600coe_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600coe:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600coeioc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600coeioc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cp2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600cp2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cp2ioc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600cp2ioc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cp2j_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600cp2j:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cp4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600cp4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cp4ioc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600cp4ioc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600gl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600gl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600gz_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600gz:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600ip4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600ip4:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600ip4l_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600ip4l:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:workstation_board_w2600cr2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:workstation_board_w2600cr2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:workstation_board_w2600cr2l_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:workstation_board_w2600cr2l:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600jf_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600jf:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600wp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s4600lh2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s4600lh2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s4600lt2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s4600lt2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wpf_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600wpf:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wpq_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600wpq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600jff_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600jff:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600jfq_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0005 OR cpe:2.3:h:intel:server_board_s2600jfq:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cw2r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cw2r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cw2sr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cw2sr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cwtr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cwtr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cwtsr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cwtsr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cw2s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cw2s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cwt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cwt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cwts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cwts:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600cw2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600cw2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600kpfr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600kpfr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600kpr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600kpr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600kptr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600kptr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600kp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600kp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600kpf_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600kpf:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600tpnr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600tpnr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600tpfr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600tpfr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600tpr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600tpr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600tpf_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600tpf:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600tp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600tp:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wtts1r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600wtts1r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wt2r_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600wt2r:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wttr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600wttr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wt2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600wt2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s2600wtt_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0018 OR cpe:2.3:h:intel:server_board_s2600wtt:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200btlrm_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0044 OR cpe:2.3:h:intel:server_board_s1200btlrm:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200btlr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0044 OR cpe:2.3:h:intel:server_board_s1200btlr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200btsr_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0044 OR cpe:2.3:h:intel:server_board_s1200btsr:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200btl_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0044 OR cpe:2.3:h:intel:server_board_s1200btl:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:intel:server_board_s1200bts_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 0044 OR cpe:2.3:h:intel:server_board_s1200bts:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-30768 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.04 }} 0.00%

score

0.07061

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability