Critical Flaw Afflicts Several Intel Motherboards and Server Systems
Intel issued a warning regarding a rare, critical severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote hacker to get escalated privileges.
Researcher, Dmytro Oleksiuk, discovered the flaw. The flaw exists in the firmware of Emulex Pilot 3, which is a service processor that monitors the physical state of a computer, network server or other hardware devices via specialized sensors. Emulex Pilot 3 is used by several motherboards. Also affected are several server operating systems, and some Intel compute modules, which provide various functions.
The critical flaw stems from improper authentication in Intel products before version 1.59. By bypassing authentication, a hacker could have access to the KVM console of the server. The KVM console can access the system consoles of network devices to monitor and control their functionality. The KVM console provides an access point to the display, keyboard and mouse of the remote server. The flaw is dangerous since hackers don't need to be authenticated. They still need to be in the same network segment as the vulnerable servers. The exploit is simple and very reliable because it's a design flaw.
Intel also fixed bugs for 22 CVEs affecting its server board, systems and compute modules. Another high-severity flaw fixed is a heap-based overflow that’s exploitable as an authenticated user. Other flaws that Intel patched which enabled escalated privileges include an incorrect execution-assigned permission in the file system and a buffer overflow in daemon.
Affected server systems include the followingR1000WT, R2000WT, R1000SP, LSVRP and LR1304SP. Intel motherboards affected by the flaws are S2600WT, S2600CW, S2600KP, S2600TP, S1200SP, S2600WF, S2600ST and S2600BP.Compute modules affected include HNS2600KP, HNS2600TP and HNS2600BP.