Intel: Security Alert Concerning S4500/S4600 Series Firmware SSD for Data Centers
Releasing firmware updates to mitigate this potential vulnerability
This is a Press Release edited by StorageNewsletter.com on July 18, 2019 at 2:34 pmFrom Intel Corp.’ Security Center
A potential security vulnerability in Intel Corp.‘s SSD for data centers S4500/S4600 Series firmware may allow escalation of privilege. The company is releasing firmware updates to mitigate this potential vulnerability.
| Intel ID: | INTEL-SA-00267 |
|---|---|
| Advisory Category: | Firmware |
| Impact of vulnerability: | Escalation of Privilege |
| Severity rating: | MEDIUM |
| Original release: | 07/09/2019 |
| Last revised: | 07/09/2019 |
Vulnerability details:
-
CVEID: CVE-2018-18095
Description: Improper authentication in firmware for SSD DC S4500 Series and SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access. -
CVSS Base Score: 5.3 Medium
-
CVSS Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Affected Products:
-
SSD DC S4500 Series firmware before SCV10150.
-
SSD DC S4600 Series firmware before SCV10150.
Recommendations:
The company recommends updating SSD DC S4500 Series and SSD DC S4600 Series firmware to SCV10150 or later.
Updates are available for download at this location.
Acknowledgements:
This issue was found internally by Intel.
The company, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Revision history
|
Revision |
Date |
Description |
|
1.0 |
07/09/2019 |
Initial Release |
Subscribe to our free daily newsletter
