Cyber Resilience

CVE-2023-31276

High

Published: 12 February 2025

Modified: 15 April 2026
KEV Added
Patch
CVSS Score v4: 8.4 (CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0006 (19.8th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-31276 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability affecting Intel products (vendor inferred from references). Its CVSS v4 base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 19.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2023-31276 is a heap-based buffer overflow vulnerability (CWE-122) in the Baseboard Management Controller (BMC) firmware for several Intel server boards, including the Intel Server Board S2600WF, S2600ST, and S2600BP prior to version 02.01.0017, as well as the Intel Server Board M50CYP and D50TNP prior to version R01.01.0009. Published on 2025-02-12, it carries a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts with a changed scope.

A privileged user with local access can exploit this vulnerability by triggering the heap-based buffer overflow in the BMC firmware, potentially enabling escalation of privileges. The attack requires high privileges (PR:H) and local access (AV:L) with low complexity (AC:L) and no user interaction (UI:N), allowing the attacker to gain elevated control over the affected system.

Intel's security advisory (INTEL-SA-00990) details the issue and recommends updating the BMC firmware to version 02.01.0017 or later for the S2600WF, S2600ST, and S2600BP models, and to version R01.01.0009 or later for the M50CYP and D50TNP models as the primary mitigation.

Vulnerability details

Heap-based buffer overflow in BMC Firmware for the Intel(R) Server Board S2600WF, Intel(R) Server Board S2600ST, Intel(R) Server Board S2600BP, before version 02.01.0017 and Intel(R) Server Board M50CYP and Intel(R) Server Board D50TNP before version R01.01.0009 may allow a privileged user to enable escalation of privilege via local access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Heap buffer overflow in BMC firmware directly enables local privilege escalation by a privileged user.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-24067 (shared CWE-122)
CVE-2026-24283 (shared CWE-122)
CVE-2026-40407 (shared CWE-122)
CVE-2026-20840 (shared CWE-122)
CVE-2025-24995 (shared CWE-122)
CVE-2025-21418 (shared CWE-122)
CVE-2026-20864 (shared CWE-122)
CVE-2025-26634 (shared CWE-122)
CVE-2025-24066 (shared CWE-122)
CVE-2026-25188 (shared CWE-122)

Affected Assets

Intel
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly remediates the heap-based buffer overflow vulnerability in BMC firmware by requiring timely identification, testing, and application of Intel's recommended firmware updates.

prevent: Implements memory protections such as ASLR and non-executable memory segments that mitigate exploitation of the heap buffer overflow even prior to full patching.

prevent: Enforces least privilege to restrict the number and scope of high-privilege (PR:H) accounts with local access that could exploit the vulnerability for escalation.
